The Future of Privacy

Over the past 20 years, there’s been a sea change in the battle for personal privacy.

The pervasiveness of computers has resulted in the almost constant surveillance of everyone, with profound implications for our society and our freedoms. Corporations and the police are both using this new trove of surveillance data. We as a society need to understand the technological trends and discuss their implications. If we ignore the problem and leave it to the “market,” we’ll all find that we have almost no privacy left.

Most people think of surveillance in terms of police procedure: Follow that car, watch that person, listen in on his phone conversations. This kind of surveillance still occurs. But today’s surveillance is more like the NSA’s model, recently turned against Americans: Eavesdrop on every phone call, listening for certain keywords. It’s still surveillance, but it’s wholesale surveillance.

Wholesale surveillance is a whole new world. It’s not “follow that car,” it’s “follow every car.” The National Security Agency can eavesdrop on every phone call, looking for patterns of communication or keywords that might indicate a conversation between terrorists. Many airports collect the license plates of every car in their parking lots, and can use that database to locate suspicious or abandoned cars. Several cities have stationary or car-mounted license-plate scanners that keep records of every car that passes, and save that data for later analysis.

More and more, we leave a trail of electronic footprints as we go through our daily lives. We used to walk into a bookstore, browse, and buy a book with cash. Now we visit Amazon, and all of our browsing and purchases are recorded. We used to throw a quarter in a toll booth; now EZ Pass records the date and time our car passed through the booth. Data about us are collected when we make a phone call, send an e-mail message, make a purchase with our credit card, or visit a website.

Much has been written about RFID chips and how they can be used to track people. People can also be tracked by their cell phones, their Bluetooth devices, and their WiFi-enabled computers. In some cities, video cameras capture our image hundreds of times a day.

The common thread here is computers. Computers are involved more and more in our transactions, and data are byproducts of these transactions. As computer memory becomes cheaper, more and more of these electronic footprints are being saved. And as processing becomes cheaper, more and more of it is being cross-indexed and correlated, and then used for secondary purposes.

Information about us has value. It has value to the police, but it also has value to corporations. The Justice Department wants details of Google searches, so they can look for patterns that might help find child pornographers. Google uses that same data so it can deliver context-sensitive advertising messages. The city of Baltimore uses aerial photography to surveil every house, looking for building permit violations. A national lawn-care company uses the same data to better market its services. The phone company keeps detailed call records for billing purposes; the police use them to catch bad guys.

In the dot-com bust, the customer database was often the only salable asset a company had. Companies like Experian and Acxiom are in the business of buying and reselling this sort of data, and their customers are both corporate and government.

Computers are getting smaller and cheaper every year, and these trends will continue. Here’s just one example of the digital footprints we leave:

It would take about 100 megabytes of storage to record everything the fastest typist input to his computer in a year. That’s a single flash memory chip today, and one could imagine computer manufacturers offering this as a reliability feature. Recording everything the average user does on the Internet requires more memory: 4 to 8 gigabytes a year. That’s a lot, but “record everything” is Gmail’s model, and it’s probably only a few years before ISPs offer this service.

The typical person uses 500 cell phone minutes a month; that translates to 5 gigabytes a year to save it all. My iPod can store 12 times that data. A “life recorder” you can wear on your lapel that constantly records is still a few generations off: 200 gigabytes/year for audio and 700 gigabytes/year for video. It’ll be sold as a security device, so that no one can attack you without being recorded. When that happens, will not wearing a life recorder be used as evidence that someone is up to no good, just as prosecutors today use the fact that someone left his cell phone at home as evidence that he didn’t want to be tracked?

In a sense, we’re living in a unique time in history. Identification checks are common, but they still require us to whip out our ID. Soon it’ll happen automatically, either through an RFID chip in our wallet or face-recognition from cameras. And those cameras, now visible, will shrink to the point where we won’t even see them.

We’re never going to stop the march of technology, but we can enact legislation to protect our privacy: comprehensive laws regulating what can be done with personal information about us, and more privacy protection from the police. Today, personal information about you is not yours; it’s owned by the collector. There are laws protecting specific pieces of personal data—videotape rental records, health care information—but nothing like the broad privacy protection laws you find in European countries. That’s really the only solution; leaving the market to sort this out will result in even more invasive wholesale surveillance.

Most of us are happy to give out personal information in exchange for specific services. What we object to is the surreptitious collection of personal information, and the secondary use of information once it’s collected: the buying and selling of our information behind our back.

In some ways, this tidal wave of data is the pollution problem of the information age. All information processes produce it. If we ignore the problem, it will stay around forever. And the only way to successfully deal with it is to pass laws regulating its generation, use and eventual disposal.

This essay was originally published in the Minneapolis Star-Tribune.

Tags: , , , , , , , ,

Posted on March 6, 2006 at 5:41 AM113 Comments

Comments

ted March 6, 2006 6:05 AM

Bruce, any legislation will legalize some forms of total surveillance while pushing the legalization of the rest into the future. In my opinion hoping that the .gov will listen (now and in the future) to Bruce Schneier and not to Acxiom is unrealistic and it wont happen.

Alternatively, instead of hoping the already oppresive .gov will tie its hands and not use tools that will make it stronger, we can try and eliminate the .gov from the picture altogether…

Finaly, one does not hope for the market to solve things – the market does solve things, always. And thats not because the market is some magic deus ex machina, but because it is the sum of all its human and organizational participants. Your privacy is your private property and the moment you give legislative power over your privacy to the .gov you delegate it indirectly into the hands of Acxiom. I think that in the long run this is a bad tradeoff.

Thats how I see it.

Rochus March 6, 2006 7:35 AM

[…] prosecutors today use the fact that someone left his cell phone at home as evidence that he didn’t want to be tracked?

Reference, please?

D March 6, 2006 7:36 AM

I agree with ted that the market does solve problems. However, I think ted overlooked the fact that the “market” solves problems to its benefit. For example, customer loyalty cards: what problems do they solve? No more surreptitious collection of data, the customer volunteers it. No complicated database querying to find correlations, you scanned your card at checkout proving the correlation.

What problems does it solve for the consumer? It provides discounts. Yes, the prices are artificially increased to give the illusion of the discount, but people don’t care. They see savings. (Remember, the US is a culture that largely believes that you have to spend more to save more.)

And until there’s some outright nightmarish problem with this scheme that people will recognize, they’ll keep volunteering for it and the “market” will continue to make it easier for business.

JakeS March 6, 2006 8:01 AM

Seems to me that what we have now is a lot of agencies and corporations holding information about us;  but often, each one has only part of the picture.  Sometimes they have links to each other, but mostly there are no links and no way to put together the complete picture.

For example, I don’t think my car’s movements can be reliably linked to my phone calls or to the books that I buy at Amazon;  but because Amazon has my e-mail address, my book purchases could be linked to my e-mail messages.

The failure of the DHS no-fly list shows that even the government doesn’t have a reliable way to identify people.

What’s needed for proper surveillance is a compulsory identity card that everyone must have.  Then allow that identification to be required every time anyone opens an account, registers for a service, fills in a government form, stays at a hotel, rents a car, etc.  Then the card number will be attached to every transaction that has an electronic record, either directly because the ID is presented, or indirectly by the use of a credit card, car, phone, etc., that can only be obtained by presenting the ID.  Then the government, and corporations, can really get a full picture of everything we do, and the no-fly list will work because there’s a unique ID attached to each name.  Until then, we have a tiny margin of privacy.

(For completeness, I guess every visitor to the US would have to get an ID number too, otherwise there would always be a residue of transactions not linked to people.  And I don’t know what they’d do about all the people who are in the country illegally.)

Chuck March 6, 2006 8:17 AM

I can’t reproduce your data storage requirement for 500 MOU/month of cell calls. You say 5 Gbytes/year.

I get 50060365 = 0.36 megaseconds/year

Compressed speech requires about 10,000 bits/sec (1,250 bytes/sec) to record both sides of a call.

0.36 * 1,250 = 0.45 Gbytes/year.

note that if you record at PCM rates 64 kbits/sec and record each side separately you get about 5 Gbytes/year.

Chuck J

kashmarek March 6, 2006 8:24 AM

It all smacks of “1984” (Orwell). Government of the people by the government for the government.

Erik N March 6, 2006 8:30 AM

@ted:

1st: The market will solve the problems that are profitable to solve – what is your business model for the privacy market? What do you expect happens to your personal data when your privacy company goes bankrupt?

2nd: Do you place more trust in some arbitrary corporation to protect your data or in a government where at least you have a vote?

Andy March 6, 2006 8:43 AM

The phone company keeps detailed call records for billing purposes; the police use them to catch bad guys.

The problem is not that the police use information that has been collected to catch the bad guys–who wouldn’t be for that? The problem is that the police can gain access to the data wheither they are looking for a bad guy or not, under the umbrella of “safety” and “security”.

Damon March 6, 2006 8:48 AM

David Brin’s Transparent Society has a partial answer for this trend: transparent surveillance. If everyone has access to the data and unforgeable logs are kept, then oversight is possible.

However, this cannot happen without a major social adjustment. While legislation should align with our goals, soceital norms will dictate actual behavior. There will need to be social stigmas attached to such behaviors. Voyuerism already has such a stigma.

I am actually hopeful that if pervasive surveillance is transparent enough, society will improve. Individual connection to society is weakened when one is anonymous in everyday dealings. If everyone is a stranger, then we all become mistrustful and disconnected. I hope soceity will adapt to pervasive surveillance and create new ways to maintain interpersonal bonds than incorporate technology.

Emery Jeffreys March 6, 2006 9:00 AM

We worry about surveilance in public by traffic cameras and similar devices.

The courts ruled many, many years ago that U.S. citizens have no reasonable expectaiton of privacy when they are in a public place. That’s one of the reasons that a newspaper does not need your permission to publish a photo of you in a crowd.

Citizens of this great republic must be more concerned about the unregulated database companies that collect informaiton about us than traffic cameras and cell phones.

If you are worried about e-mail privacy, encrypt it. If you are worried about cell phone monitoring, encrypt it.

paul March 6, 2006 9:01 AM

A couple unrelated comments: First, once you’ve got all this data running around, how do you do anything useful with it? Except in a few notable instances, the bandwidth for searching these kinds of archives is massively overmatched by the quantity of data. Even as storage capacities increase and CPUs get more powerful, the von neumann bottleneck is still with us, perhaps more than ever. (This may turn out to be a good thing, or it may mean that only the privileged few get to use and abuse the enormous archives we’re generating.)

Second: with remote reading of license plates, webcams that can can read UPC codes and so forth, you don’t need to be using electronic-payment methods to become part of the digitized universe. You go into a bookstore and pay cash, and the store can correlate the ISBN of your purchase with the picture from the register surveillance camera, which in turn links to the license plate of the car you get into in the parking lot. (I’m sure there would be a few rough edges on installing such a system right now, but error rate doesn’t seem to be a big deal for surveillance systems these days.) You can opt out of leaving some kinds of digital trail by concentrated efforts, but you’ll leave others simply be existing.

Mike Sherwood March 6, 2006 9:07 AM

Most people talk of privacy in terms of defensive actions, like not giving out information or passing laws to protect it. This doesn’t work because there will always be those who will find ways to con you out of information or get it illegally. For example, have you ever filled out a warrantee registration card or mail in rebate? Would you be surprised to find out that you may have mailed it directly to a company like Acxiom?

I prefer the path of database corruption. People who want information may prevent you from doing something if you don’t give it to them. Very few will notice or care if you give them invalid information. Discount cards give you a discount for attaching a number to your transactions. They don’t care if the name on the card and your credit card don’t match. If you use cash, they wouldn’t even know they don’t match. If you traded cards with someone, the purchasing habits would be inconsistent, but you’d both get the same discounts.

One of my friends used to rot13 the name of someone asking for information and make a plausable sounding name to provide. (He could do rot13 in his head.) This allowed him to get new junk mail and figure out who sold the information. It also served the purpose of poisoning these databases with a lot of invalid information.

The point that is often missed is that data aggregators like Acxiom don’t do much validation of the information they receive. They sell information by volume. There’s a profit anti-motive to finding something that would tie my home address to my private mailbox. If they did that, they would have information about one individual to sell. If they ignore those details, they have information on two “people”.

The more consistent and valid information you provide to the various parties that request it, the more valuable the databases compiled by companies like Acxiom are. Everyone who poisons the databases makes their product less valuable. The companies who buy the information want to sell things to those people. Response rate is the most important factor. That is reduced by the number of duplicate or invalid people who are mailed.

Bruce Schneier March 6, 2006 9:07 AM

“David Brin’s Transparent Society has a partial answer for this trend: transparent surveillance. If everyone has access to the data and unforgeable logs are kept, then oversight is possible.”

What Brin misses is the power imbalance. It simply isn’t the same if, when a policeman asks for ID, if I ask to see his as well. Mutual disclosure is not the solution.

Prohias March 6, 2006 9:23 AM

Based on the last few years of reading your blog, I think this is your best post. Both for the comprehensive articulation of the facets surrounding privacy and the importance that needs to be accorded to this matter. I wish your (our) voices make a difference and gain vital political capital to make a difference.

I liked your pollution analogy, and would stretch it further – unchecked pollution blows a hole through the ozone layer; much as unchecked tracking and correlation of consumer data blows a hole through our current notions of fair play and liberty. Immoral corporations with vested and dubious interests mock and flippantly discard the deleterious effects in both spheres. Finally, if not checked in time, it will be too late to reverse and will alter our way of life as we know it today.

Bring us more hay, we still can't find the needle!!! March 6, 2006 9:28 AM

The problem as you know is not limited to phones. Web usage, email, shopping habits, public transportation “tickets” such as Metrocard and EZ-pass, and even satellite radio in one’s car can be used to track people. (Not many people know the history of the satellites being used, but they might find looking into that interesting.)

And yet Osama bin Laden still has not been located.

Not As Anonymous as He'd Like March 6, 2006 9:29 AM

It’s too late; this battle has been lost. As Bruce points out, this information is too valuable for too many people — any legislation written on the subject will be written, or at least amended, by the interests of those who have become accustomed to having this sort of wholesale information at their disposal and who will not want to give it up. The fact that, as the article points out, most people don’t think of surveillance as being so pervasive is largely irrelevant, since the fundamental problem is that most people simply don’t care, as long as it’s not inconveniencing them in an immediate, clear way.

The only thing is to get used to it. Total surveillance is here to stay, whether we like it or not.

Bruce Schneier March 6, 2006 9:43 AM

“It’s too late; this battle has been lost.”

That’s simply not true. The death of privacy has been predicted for generations. It was predicted when the camera was invented, and then the audio recorder, and then the video recorder.

Scott McNealy famously said in 1999: “You have zero privacy anyway. Get over it.” David Brin wrote “The Transparent Society” in 1998. Simson Garfinkel write “Database Nation” in 2000. Last year Robert O’Harrow published “No Place to Hide.” You can go as far back as 1969 and read Jerry Rosenberg’s bok on the same topic: “The Death of Privacy.”

The truth is that the death of privacy is overrated. Just because there are cameras, it doesn’t follow that taking pictures of people naked is inevitable.

We can solve this, but it will take laws. The market won’t do it for us.

AG March 6, 2006 10:05 AM

Backwards thinking Bruce… here is why:

What is the privacy you describe that is gone away?
100 years ago could you not hire 10,000 to stand next to a road and report who drive/rides by?
What has really changed?
The amount of “watching” does nothing to the “rights” involved.

Privacy is not a solid object! If you try and defend privacy you will LOSE.

What can you defend? Property!!! Companies are using YOUR purchasing history, YOUR credit history, YOUR travel patterns, etc. and making money with it!
This means YOUR information is like oil. They mine the information, refine it, and sell…but HOW DID THEY EVER GET THE “RIGHTS”?

We should sue the companies and the govt for taking our information and not paying us for it.

That is how we CAN win. Defending privacy is how we WILL lose. Defining information as property is how we will WIN.

J.D. Abolins March 6, 2006 10:05 AM

A couple of items:

  1. The Universal Transparency site had a “Surveillance Bill of Rights that suggested the conditions that would be required to make a transparent society workable. Things such as “Surveillance is never to be used for misdemeanors of any type.”, “Surveillance can be used for violent felonies and chaos only”, “Anonymity must be guaranteed periodically for elections, whistelblowing and other specified areas”,”The Government will provide safe and secure meeting places for its citizens to have privacy” and “Transparency must be applied to the Government approximately equal to that applied to its citizens.” Rather a tall order for this world.

Alas, that document’s site was recently defaced and the text is obscured. (You can view the source code for http://www.universaltransparency.org/modules.php?name=Content&pa=showpage&pid=9
and get the text or you can run that URL through archive.org and see a pre-hack/cracked version of the page.)

  1. Bruce’s essay and the comments here seem to echo in part the reported keynote speech comments made by Privacy International’s Simon Davies at Black Hat Europe 2005. Davies was speaking about the “coming Dark Ages for Privacy”. Unfortunately, a publicly accessible transcript or recording of the speech isn’t available. A story about Davies speech can be found at http://www.channelregister.co.uk/2005/04/01/privacy_resistance/

bo March 6, 2006 10:16 AM

A system to register all vehicles passing in and out of central Stockholm was implemented this year. The environmental party rationale is to reduce traffic in inner city by charging owner varying fees for when a vehicle enters the zone and for how long it stays. Frequent vistors can buy a transponder for autodebit, less frequent must pay manually. The system tracks license plates, matches received payments, and bills discrepencies with punative surcharges afterwards.

Imagine the surprise when people nowhere near Stockholm receive such bills, sometimes for cars that are not even registered or driveable. But such details do not free them from paying, oh no. The system has recorded their vehicle’s presence — that is a fact — they must pay up.

And the system is being touted a great success. Which perhaps it is, given the scale of the new infrastructure and database management it required.

Other forms of person tracking, say on the Web, are bound to show comparable mistakes (or worse) but likely be even harder to contest. How to prove one did not make a particular phone call, send or receive a particular e-mail, or visit a particular website several years after the alleged fact?

Peter Pearson March 6, 2006 10:22 AM

Bruce overestimates the amount of privacy people had in, say, small-town Ohio 100 years ago.

Bruce also mixes together several bogeymen. If we’re collectively afraid of governments using overhead imagery to look for building-code violations, isn’t that really just an indication that we’re unhappy with our building-code laws? Is Bruce’s thesis that bad laws are OK if we just blind the policemen? I’m at least as worried as the next guy about the government doing bad things to me, but I’d rather solve that by limiting the government’s power to do bad things than by making the government stupider.

As for advertisers, I happily anticipate the day when an advertiser is so sure that I’ll buy his new Widget 3000 that he’s willing to pay the fee I impose to get his ad into my mailbox. The problem with spam is that it’s for stuff I don’t want.

Davi Ottenheimer March 6, 2006 10:31 AM

@AG

Good points, and that’s why identities can be “stolen”…

@Bruce

The government already knows the value of information security and privacy. How many times a day does it toss around the words “sorry, classified” to protect something or someone? The question is really what to do if the government is most interested in protecting the most affulent citizens (e.g. “corporations”) or CYA rather than working towards a concept like the common good or “reasonableness”.

Also, interesting news about the CIA being sued for protecting its own information:

http://news.bbc.co.uk/2/hi/americas/4778680.stm

And then there was the news about the administration’s reclassification of random historical files, perhaps to protect itself from historians (don’t forget Cheney and Rumsfeld actually were in office more than 25 years ago):

http://news.bbc.co.uk/2/hi/americas/4735570.stm

“US intelligence agencies have been removing thousands of historical documents from public access, the New York Times has reported.

The restoration of classified status to more than 55,000 pages began in 1999, the paper said.
[…]
The New York Times said the reclassification programme accelerated after President Bush took office and especially after the 9/11 attacks.

But because it runs in secrecy, it continued without being noticed until December 2005.”

See, the government loves privacy…

Davi Ottenheimer March 6, 2006 10:36 AM

@ Peter Pearson

“I’m at least as worried as the next guy about the government doing bad things to me, but I’d rather solve that by limiting the government’s power to do bad things than by making the government stupider.”

Agreed. Although it might be worth noting that the threat could actually be the next guy working as an informant/proxy, so you’d need to limit the power to do bad things on behalf of the government as well.

Take for example the recent House legislation that gives up to $5,000 in tax deductions to anyone installing surveillance equipment in/around their residence, and up to $50,000 for businesses…

ted March 6, 2006 10:42 AM

@Eric N

Eric, (1) it seems we have slightly different ideas of what constitutes a market. A market is the sum of situations in which exchange occurs. To say that a market will solve problems that are profitabnle to solve is a fundamental misunderstanding. I have a problem – I need flour for the pizza I want to bake, I buy a flour from the local shop. An exchange has occured in which I profited – I got the flour for my pizza, and the shop owner Angelo has profited. What I am driving at you is that in a system of private ownership there are no problems which are not ‘profitable’, or rather, it is up to me and the other party in the exchange to decide what is a profitable rate of exchange and define profit per se. No more no less.
Now, my private data is my private property in its entirety and what I decide to do with it should be entirely within my own competence. If I decide to engage in an free exchange with an organization and sell them part or all of my property is entirely up to me and no .gov should have anything to say about that. Also, if, on the contrary, I do not wish an organization to be in possession of my private property then it wouldnt be. Also, should I decide to outsource the management of all or part of my private property to an organization, I should be able to do so subject to a mutual contractual obligation as to the position of my private property at any given point of time. Where exactly is the problem with that?

(2) Your second issue links with my reply to the first. Yes, there is a problem in the system I outline above and the name of the problem is – .gov. The .gov comes in, in the middle of a free exchange of property and declares (legislates) that my private property shall belong to the .gov from now on, and furthermore, that the .gov shall have all the rites to my property whereas I will have none…
You ask whether I trust a .gov I havent elected, I cannot possibly influence, and even if I am able to influence now I have no guarantee that it wont change its mind in the future? You ask whether I trust such an institution with my private property over an institution with which I am in a contractual and free exchange?

In my opinion and from my limited but personal experience, no bureaucrat should have any say over what I do with my private property..

Cheers and thanks Bruce for the great blog

Peter March 6, 2006 10:42 AM

Some years ago I read a security book where the author said it was no use relying on laws for privacy and he’d rather rely on mathematics. I suppose I could search on the web – he’s probably got a blog these days.

another_bruce March 6, 2006 10:51 AM

oh, i still walk into bookstores, browse and pay cash. i don’t want my juvenile, lowbrow taste in literature to become widespread knowledge.
@damon:
i disagree that there is a stigma associated with voyeurism. maybe for some people, but i shed the stigma by getting in touch with and relating to my inner voyeur, and realizing that we’re all voyeurs, we just have different tastes in what we like to watch.

Jason March 6, 2006 11:18 AM

David Brin gives the lie to his own ideas of Transparent Society ideas in his book Kiln People.

In it, people can be tracked by data correlation software (for a price) as they travel down a street, between cameras. The wealthy and the powerful are capable of tracking the poor and the powerless, while simultaneously being able to elude this same network by application of other technologies.

I find this scenario to be more plausible than the more optimistic alternative interpretations.

Alan De Smet March 6, 2006 11:27 AM

While surveillance might originally be used for legal, ethical purposes, eventually it will fall into the wrong hands. The more information you store, the worse it is when it falls into the wrong hands. Huge databases full of information necessary to engage in credit card fraud, tainting your credit? Been stolen. FBI agents collecting confidential information on companies as part of an investigation? Information sold to stock traders. Police databases ? Used to try and silence media critics. Repeatedly abused for personal use.

Privacy laws help create barriers to make abuse harder. When abuse happens anyway, privacy laws can help reduce the damage.

Prohias March 6, 2006 11:41 AM

Is it possible to purchase generic-use MasterCard / Visa branded cards with a prepaid value on them, kind of like gift cards? If I can purchase these with cash at a store and then use them for internet transactions, I wouldn’t even mind paying a small premium.

Are there reasonably priced and reasonably performant web proxies with https to the proxy available out there?

I would love to see a comprehensive list of things we can do in this online world, to minimize and better yet eliminate tracking and profiling.

Rick March 6, 2006 11:46 AM

IBM and the city of Stockholm cooperated in a total car surveillance effort. The CNet article phrases it nicely: “The system revolves around a concept that would be political suicide in many parts of the world.”

Basically they had folks glue RFID tags in their windshields, then photographed everybody’s license plate who didn’t ping the transponder. (I suppose it would be too much to hope for that one person from New Hampshire happened to have their car shipped over, so that files would include a snapshot of a license plate that says “Live Free or Die.”)

Cut down on traffic, all right.

http://news.com.com/2100-1039_3-6046130.html?part=rss&tag=6046130&subj=news

Joe Buck March 6, 2006 11:48 AM

Jason, I disagree with your interpretation. Brin is saying that the loss of privacy (as in Kiln People) is inevitable, and the proposals in Transparent Society are proposals to limit the damage. As Bruce says above, there is still a power imbalance. But without the ability to watch the watchers it will be even worse.

Peter Pearson has a good point: one reason we’re so worried about government’s increased ability to do surveillance is that most of us violate at least one law (mostly traffic laws) every week, and the current system randomly imposes punishments, with such wide latitude given to the police that enforcement is wildly unequal (“driving while black”, for example). And then there are all the small towns that use speed traps to fund their police departments.

What if it were possible to detect and punish every moving violation? Instead of blinding the cops, or keeping the current system where the cute young woman hears “I’ll let you go this time” while the threatening-looking young guy gets pulled out and strip-searched for the same offense, maybe it would be better to actually enforce all violations, with greatly reduced fines for each individual violation, and appropriate guard bands and sensible exceptions put into the law (e.g. you can speed for a short time while passing another vehicle, etc).

Gavin March 6, 2006 12:36 PM

@Peter

I suspect you are talking about Stefans Brands –
http://www.idcorner.org

There are crypto techniques for controlling information dissemination. These should be applied, but without legislation to enforce these techniques, we are going nowhere.

Other comments were made about encrypting information. These are rather naive comments. Confidentiality of communications will not prevent against information leakage. I.e. Mobile phone conversations may be kept secret but one will still know both parties in the conversation and where those parties are located. Such information can be used to determine ones social group, habits etc.

Ari Heikkinen March 6, 2006 1:11 PM

A good article, but is it necessary to always mention terrorists and child pornographers whenever we’re talking about privacy? It starts to get irritating these days, as if everything about privacy would revolve around terrorists and child pornographers. Please.

There’s only relatively few terrorists and child pornographers among millions of law abiding citizens, so it makes absolutely no sense at all to base any decisions about privacy (especially when it affects everyone) on anything that has to do with them. It’s just getting silly.

Anyways, I don’t think there’s anything wrong with say aerial photographing that’s only precise enough to see structures (and how’d you make say maps without aerial photographing anyway?), but not more details like people. It’s ofcourse true that you could increase the resolution to see people or even more details (and technology getting better will make it possible to see even more details), but you’re right that laws regulating it is the way to solve the problem as far as technology and privacy are concerned.

However, there will always be someone suggesting that the government would need to be excempt from the regulation in order to catch terrorists (or whatever happens to be the scare of the day) and I think that’s a much harder problem to solve.

Mark J. March 6, 2006 1:23 PM

I still have to wonder how useful all this information is. Can it really all be processed into any sort of usable form? You would think with such a lack of privacy and so much information available that there would be no fugitives. Obviously that is not the case. I have a very common first name and a very, very common last name. There are three folks here at the university with identical first, middle, and last names as me. A Google search for my exact first name, middle initial, and last name returns 508 hits. Only one or two are actually related to me and those are both reposts of a reply I left on a tech forum years ago.

If someone were to take a special interest in me and started tracking my phone calls, web use, and daily meanderings, then yes, I guess they’d get a pretty complete picture of my life. But that is as it has always been.

I don’t want to seem like the frog in the pan of boiling water, but I wonder if we’re really at the point of Big Brother being able to use all the info he’s collecting. Still, Bruce is on solid ground when he says now is the time to set up legislation to protect our privacy so when BB does have the wherewithal to instantly and accurately correlate all the data, there will be some safeguards in place.

Davi Ottenheimer March 6, 2006 1:30 PM

Here’s the link to the new law (Secure America’s Homes and Businesses Act of 2005 – HR 3632) that I mentioned above:

http://thomas.loc.gov/cgi-bin/query/z?c109:H.R.3632:

`(b) Maximum Deduction- The deduction allowed by subsection (a) for the taxable year shall not exceed–

`(1) in the case of a qualifying electronic premise security system installed in a residential premise, $5,000, and

`(2) in the case of a qualifying electronic premise security system installed in a commercial premise, $50,000.

Davi Ottenheimer March 6, 2006 1:35 PM

@ Mark J.

“I still have to wonder how useful all this information is. Can it really all be processed into any sort of usable form? ”

Think of it like gossip. A little bit of information, gleaned from a lot of data, can go a long way. It’s not that all the information will be used, but some may make it into the “wrong” hands and the potential for harm from misuse (unauthorized), misunderstanding, misinterpretation, or misrepresentation is much higher. In other words, in terms of risk, the lack of privacy controls means you are more vulnerable to exposure and the prevalance/spread of data means the threat is severe. Now you just need to calculate the value/loss of the data exposed…

Michael Birk March 6, 2006 2:39 PM

AG said:
“What is the privacy you describe that is gone away? 100 years ago could you not hire 10,000 to stand next to a road and report who drive/rides by? What has really changed?”

What a silly example. Did anything like this ever happen? No, because it is highly impractical. You’re comparing that to video surveillance (or any of the other privacy issues being discussed), and asking “what has really changed?” Really?

“The amount of ‘watching’ does nothing to the ‘rights’ involved.”

I’m not sure I entirely agree with that. Do we not have stalking laws?

However, you might be trying to make the point that, when it comes to our “rights”, we only have a “reasonable expectation of privacy” in our homes (and public restrooms, changing rooms, motels, etc.) if we take “reasonable steps” to maintain this privacy (shut the doors, cover the windows, and so on). In other words, we have never had any privacy outside of the home anyway, so we should not expect any now.

I hear that argument a lot (e.g. check out Bruce’s other recent articles on privacy). While technically correct, this line of thinking only considers our theoretical underpinnings of privacy, ignoring the practical realities. The reality is that humans hate to be watched, and that for our entire existence, we have gone about or daily business confident that we were not being watched — and we were mostly correct in that assumption. (And when we were incorrect, bad things followed …)

Only in the last few decades has the technology emerged to turn this assumption on its head. And only very recently has digital technology dramatically reduced the cost, making it widespread. And only in the near future will data storage, aggregation, and mining techniques permit all of this input to be processed.

To ignore the changing technologies and apply the concepts of yesteryear is, to put it mildly, foolish.

an Anonymous Coward March 6, 2006 2:46 PM

Bill being introduced in New Jersey. You can get to it by clicking on “an Anonymous Coward” below.

This bill would require an operator of any interactive computer service or an Internet service provider to establish, maintain and enforce a policy requiring an information content provider who posts messages on a public forum website either to be identified by legal name and address or to register a legal name and address with the operator or provider prior to posting messages on a public forum website.

 The bill requires an operator of an interactive computer service or an Internet service provider to establish and maintain reasonable procedures to enable any person to request and obtain disclosure of the legal name and address of an information content provider who posts false or defamatory information about the person on a public forum website.

 In addition, the bill makes any operator or Internet service provider liable for compensatory and punitive damages as well as costs of a law suit filed by a person damaged by the posting of such messages if the operator or Internet service provider fails to establish, maintain and enforce the policy required by section 2 of the bill.

Michael Birk March 6, 2006 3:27 PM

I have not heard too many practical suggestions so far. Here is a summary; please correct me if my characterizations are unfair:

ted: No legislation, (or) eliminate the government, but don’t look to the market. Wait, what was your point?

Damon: “Transparent” surveillance — Okay, you can watch me, but I can watch you too.

Emery Jeffreys, Not As Anonymous, another_bruce: Deal with it. Use encryption and/or cash if you are worried.

Mike Sherwood: Database corruption — Use bogus data in form fields.

AG: Civil courts — information about me is private property.

Bruce Schneier, Alan De Smet, Mark J: Legislation — but nothing specific.

This is not very encouraging. We need real ideas.

I think AG has a solid point about private ownership of personal information. However, I don’t think it is adequate, because it doesn’t define what happens when personal information is abused. Waiting for the courts to establish precedent is, in my opinion, dangerous.

I agree with Bruce et al that we need legislation. So I’m hoping that the debate steers towards that topic. Specifically, what kind of legislation?

It’s tempting to outline all of the bad scenarios and create corresponding laws. However, this may be futile, because of human ingenuity and changing technology. There’s probably an infinite number of bad scenarios awaiting us.

Elaborating on AG’s idea, perhaps we can build on the existing framework of copyright law and intellectual property. I have to admit, it pains me somewhat to write that, given how frequently the system is abused. However, most of society — myself included — is unquestionably behind the basic concepts of IP.

This would require that we pin down the fuzzy concept of “personal information.” Then we could define what constitutes (the equivalent of) “fair use” of this information. Finally, we could define penalties for “infringement” (illegal copying) of this personal data.

Thus, for example, video of me would constitute personal information which could not be copied. Fair use would permit using this video for, say, security purposes, but would not permit you to sell this information to an aggregator.

I would agree that building on a broken foundation (IP law) is dangerous. However, because of changing technology, we must address the failures with IP law anyhow. Perhaps in the process we can define “privacy” for the 21st century.

D March 6, 2006 3:41 PM

On identity theft:

I have a great defense against it– I have credit card balances and a second mortgage that I haven’t paid on in three years.

Logical Extremes March 6, 2006 4:16 PM

Damon, I think your comments perhaps reflect a utopian ideal, never realizable because humans by their nature are greedy. It’s the tragedy of the commons. Given the option, many people will seek to exert more control and extract more benefit from society while contributing less. I think our only hope is twofold: 1. legislation that protects individuals FROM government and corporations, and; 2. Individuals being knowledgable about security and actively protecting their personal privacy.

Anonymous March 6, 2006 4:58 PM

The difference between today, and a small town a hundred years ago, is that a hundred years ago you could always move to another small town in another state and your reputation wouldn’t follow you.

As for Brin: I’m not so sure the power is that imbalanced. If I simply ask to see the cop’s ID, that’s imbalance. But if I record video of my entire interaction with that cop, and post it on the internet, he’s liable to behave. Nobody wants another Rodney King situation.

I alone have very little power. All private citizens together have quite a bit.

Unsurprisingly, the same people infringing on our privacy are clamping down on information disclosure by government, and arresting private citizens for taking pictures.

Davi Ottenheimer March 6, 2006 7:23 PM

@ Michael

“The reality is that humans hate to be watched, and that for our entire existence, we have gone about or daily business confident that we were not being watched — and we were mostly correct in that assumption. (And when we were incorrect, bad things followed …)”

This makes me think of the theory of evolution more than anything. I suppose if you are aware that someone/thing is watching you, you are more likely to prepare to survive whatever comes next…

“This would require that we pin down the fuzzy concept of ‘personal information.’ Then we could define what constitutes (the equivalent of) ‘fair use’ of this information. Finally, we could define penalties for ‘infringement’ (illegal copying) of this personal data.”

But what if it is impossible to put a pin on things that are fuzzy — to define “fair” use versus “unfair”? This really takes us back to the question of who carries the burden of proof, and what are the rules of engagement, no?

Also reminds me of cultures that advocate sharing and borrowing as a principle of living well, the very opposite of our IP laws that suggest success comes from assertion/defense of exclusivity.

fred March 6, 2006 8:09 PM

Humankind is pretty bad on anticipating things. Usually we evolve by reacting. Here we know that may become a problem but since this doesn’t affect directly our health or our life we are procrastinating and we are focussing on things we think are more important at that time, our little comfort.

Bruce Schneier March 6, 2006 10:41 PM

“That is how we CAN win. Defending privacy is how we WILL lose. Defining information as property is how we will WIN.”

Um, no. Defining information as property is how we will all lose. Defining privacy as a right is how we will win.

Bruce Schneier March 6, 2006 10:43 PM

“Some years ago I read a security book where the author said it was no use relying on laws for privacy and he’d rather rely on mathematics. I suppose I could search on the web – he’s probably got a blog these days.”

I’m pretty sure he recanted in a later book.

Bruce Schneier March 6, 2006 10:45 PM

“What is the privacy you describe that is gone away? 100 years ago could you not hire 10,000 to stand next to a road and report who drive/rides by?”

No, you couldn’t. Well, you could in theory, but you couldn’t in practice.

“What has really changed?”

That’s exactly what has changed. What was once only theoretically possible has now become easy.

“In the past, personal and political liberty depended to a considerable extent upon government inefficiency. The spirit of tyranny was always willing; but its organization and material equipment were generally weak.

“Progressive science and technology have changed all that completely.”

“Science, Liberty, and Peace,” Aldous Huxley, 1948.

Imagine what he would think of today’s technologies?

Bruce Schneier March 6, 2006 10:47 PM

“As for Brin: I’m not so sure the power is that imbalanced. If I simply ask to see the cop’s ID, that’s imbalance. But if I record video of my entire interaction with that cop, and post it on the internet, he’s liable to behave. Nobody wants another Rodney King situation.

“I alone have very little power. All private citizens together have quite a bit.”

Agreed. The keys to making this work are aggregation and leverage.

ted March 6, 2006 11:30 PM

@Michael Birk
You didnt get me or maybe I wasnt clear enough – the only negative in the system is the government, markets always solve all the issues that are input into them, otherwise they wont be markets. So to put it even more bluntly – take the government power to divide and conquer away and leave it to individuals to negotiate their own rights (of property).

@Bruce
There is a larger ideological issue it seems, when you say we will win by defining privacy as a right. Well, it has been defined as a right at least for the last hundred years or so – and we are nowhere near winning. How many more centuries would the project of privacy as rights need until things go better?

The deep underlying philosophical problem of priacy as a right vs privacy as property revolves around the fact that rights are bestowed to you by authority, whereas property is yours from the get go (or from a free exchange). When you delegate the capacity to bestow rights to an authority (the government), as Bruce proposes, you inherently delegate also the capacity of this or any future government to redefine or take those rights away. In effect your rights are not yours, but a lease from giovernment. However, in a system where private property is respected and your privacy is your property, it is realy only you who decides what to do with it.

So actually the choice is not between good government legislation and bad governemnt legislation – the very institution of legislation without contractual obligation is the problem.

I can illustrate this with a very recent example: Walmart has a problem with local competitors who beat it on price. What does Walmart do? In a free market system Walmart will have to either increase the quality of its products or further decrease prices in order to attract clients. In the USA of today (which is nowehre near a free market), Walmart actually lobbies the government for the increase of minimum wage. Everyone ignorant of economics (the majority) is happy because they think Walmart has demosntrated it is a ‘moraly responsible corporate citizen’ by respecting ‘the right to a decent wage’ etc etc. In fact Wallmart has calculated that it can offset the wage increase (economy of size), while the local competition will have to reflect the increase in wages (and hence expenditure) in its prices and hence lose its competitive advantage over Walmart, and hence get thrown out of business. Walmart wins, many small businesses disappear, Thats how you end up with big corporations, big government and zero privacy.

Cheers

Michael Birk March 7, 2006 12:16 AM

@Davi
I think we are indeed genetically pre-programmed to notice “staring eyes.” (I am no expert, however, so I’m merely speculating.) Who hasn’t, at one time or the other, had the “feeling of being watched?” When this feeling is persistent, isn’t that one of the classic symptoms of paranoia? To subject the entire populace to pervasive surveillance seems like a kind of torture — even without considering the potential abuses.

“But what if it is impossible to put a pin on things that are fuzzy — to define ‘fair’ use versus ‘unfair’? This really takes us back to the question of who carries the burden of proof, and what are the rules of engagement, no?”

You are correct. My “proposal” (to erect privacy law on a foundation of intellectual property law) never got down to the hard work of spelling out what is and what isn’t legal, or what the damages might be. That has to be done in any case. I was just expressing my concern that, without some underlying principles that anyone can grasp (such as, this is mine), we won’t keep up with the innovation of the “bad guys.”

Davi Ottenheimer March 7, 2006 12:26 AM

“Defining information as property is how we will all lose. Defining privacy as a right is how we will win.”

Win? I’m a little skeptical of these absolute-sounding win/lose projections (how exactly does one keep score) in philosophical reasoning.

I am tempted to split hairs about a right to property versus a right to privacy, but the deeper point is really that disparate philosophical systems often have incompatible axioms and rely on external systems for resolution. The property rights concept is tempting since it promises something from a system with more tangible and familiar boundaries…

In fact, in the hallowed American system of resolutions, California Senators Feinstein and Boxer proposed “the principle that consumers should have the right to decide when, how and to whom their personal information is shared.” But even that phrase was too controversial for some in office, like Senator Shelby (R-AL), who openly said consumers should not care for protection from companies who want to expose their data to unknown affiliates:

http://www.sfgate.com/cgi-bin/article.cgi?file=/chronicle/archive/2003/11/05/MNGOD2QBGB1.DTL

And the National Retail Federation even suggested that “The Feinstein-Boxer amendment could adversely affect retailers’ ability to offer basic customer service and the access to credit that customers have come to expect”.

I’m not sure what you all are expecting, but personally I would happily give up basic customer service if I could know with certainty that my privacy was being honored (this might be a good segue into the W3C P3P concept). Customer service has some value, but it’s hardly in the same ball-park as privacy…

Anyway, it gets pretty sticky to say that defining privacy as a right will “win” when guys like Senator Shelby (a self-proclaimed privacy advocate himself) openly state that the right to privacy ends (is qualified?) wherever a large affiliation of loosely-connected companies might exist…

Davi Ottenheimer March 7, 2006 12:33 AM

“The keys to making this work are aggregation and leverage.”

Ah, there’s that external system of resolution I was referring to just a minute ago…when everyone fails to agree on how to arrive at the definition of a “moral right”, we end up moving down the well-trodden path to “might makes right”.

Speak softly but carry a lot of leverage.

Michael Birk March 7, 2006 12:40 AM

@Bruce
“Here’s a great start: http://www.schneier.com/blog/archives/2006/02/a_model_regime.html
Thanks Bruce, that was an interesting read. I agree that it’s a start. Do you stand behind the analysis and suggestions of Solove and Hoofnagle? Is there any place where you have summarized your specific policy recommendations? Is there any similar work relating to video surveillance?

“Defining information as property is how we will all lose. Defining privacy as a right is how we will win.”

Are these really incompatible viewpoints? How exactly do we lose by defining (personal) information as property?

[Sigh … so many questions, so little time. You’ve probably answered them all before, several times over. Feel free to ignore.]

Karl-Friedrich Lenz March 7, 2006 5:32 AM

While you are right that legislation is needed to counter the technical erosion of privacy, the opposite is happening right now.

Europe has just recently nuked existing privacy protection in the telecommunications sector. While it was prohibited to store traffic data before, it will now become mandatory.

And at least as privacy violations by the government are concerned, recent developments in America don’t give much reason for optimism either.

Cowering Anonymously March 7, 2006 10:09 AM

@ted
Free market mechanisms are, in an ideal world, the best way to go. But no single approach ever satisfactorily deals with every problem.

“markets always solve all the issues that are input into them, otherwise they wont be markets”

This depends on your definition of ‘solve’. Just as in the discussion on the ‘power imbalance’ in interactions with authority figures, not all players in a market are equal. You may very well own your private data, but your assumption of the ‘free market’ assumes that no one will be able to force or leverage you into giving it up. What happens if you sell some of your private data to one party, who then sells it on to other parties (possibly for greater profit)? The moment you give up control of your data, it’s gone. This would then require some form of legislation/government control (or other regulatory process) to enforce that ‘what is yours is yours’. How do you enforce your control over your property? While I agree with you that .gov is often an impediment to market processes, it is also (in most systems) a prerequisite to allow that market to exist/function in the first place.

“In effect your rights are not yours, but a lease from giovernment. However, in a system where private property is respected and your privacy is your property, it is realy only you who decides what to do with it.”

I entirely agree with your statement here, but the problem still remains that a ‘system where private property is respected’ does not truly exist.

@Bruce, Davi, Michael, et al (sorry to group you guys under one heading, I do realize you’re making differing points)

Like you, I feel some form of legislation is the way to go. It is a slow, painstaking process that often runs years behind current issues, but as long as we live in societies where we must depend on ‘the rule of law’, governments, and judicial systems to look after our interests we must find a way to work within them to protect our interests. The problem all over the world at the moment is that, post 9-11, everyone is running scared. The words ‘terrorist’ and ‘child pornographer’ are being bandied around by every two-bit politician out to make a name for themselves by stepping all over civil liberties and privacy laws. It is a MASSIVE step backwards that legislation in Europe is leaning towards the more intrusive forms of surveillance but this is a direct reflection, I feel, of the increased political tension that is gripping Europe. What it comes down to, is that policy makers are as woefully un/misinformed as the general public and they do not understand the ramifications of policy they are currently championing. People who read this blog are already interested in privacy issues, but 95% of the world population couldn’t care less (even if we ignore the masses for whom clothing, food and shelter are logical priorities over privacy). The sentiment that “if you’re not doing anything wrong, you’ve got nothing to hide” seems to be a widely held point of view. Until we can find some way of informing these people why their privacy should be important to them, we have no real hope of countering the Big Brothers out there. I’m equally disturbed by the increasing ‘wide-scale voyeurism’ that is represented by ‘reality’ TV shows and ‘Big Brother’ type programs. It’s almost as these forms of entertainment are paving the way for a new kind of society where we can all expect to be watched. Who knows, this may just be the natural direction in which human society is evolving.

To sum up my rambling post, legislation and public awareness are the way to go, mixed with increasing consumer awareness of how to guard the frivolous theft of his/her private data.

ted March 7, 2006 11:03 AM

@Cowering

I think I explained what ‘solve’ means already – if you create demand and I create supply for it, then I solve your problem – it doesnt get simpler than that and in fact the supply and demand curve works always and everywhere on this planet of ours.

“What happens if you sell some of your private data to one party, who then sells it on to other parties (possibly for greater profit)? The moment you give up control of your data, it’s gone.”

What happens if you sell your property? Of course you lose control of it because you have transfered the property rights to another person. But, you might quite easily lease part or the whole of your property for a certain period of time and then regain it (as happens everywhere on the planet 24/7). Say, I am willing to lease the information concerning my shopping habits for the next month to a company. We sign a contract in which it is precisely stipulated that this is a lease (or a rent if you wish) and the other party has no right to re-sell the relevant piece of my private property (just like I have no right to re-sell my landlord’s flat).
I find it astonishing that you would prefer to deliver your private property in the hands of a government bureacrat who has no contractual obligations to you and is in no way required to respect it, instead of securing the future of your private property through a contract.

As for legislation – everyone is repeating the utopian mantra that legislation will fix things. What you are saying in effect is that you are giving everything you have to a stranger and saying – here, I give you the power to legislate that I have right to this and no right to that, and some rights for something else. Of course a year later you wake up and you find out that the stranger has chnaged his mind and now the legislation says something entirely different.
Again – check out what is happening in the EU. Three years ago – ‘great legislation for privacy protection’, yada yada yada. Today – suddenly the government decided it will do different and sold you wholesale to the highest bidder.

Finally, it is a simply false claim that a governemnt is needed so markets can exist (eg. so that I can sell you apples). Spontaneous markets form constantly everywhere and thanks god there is still not enough government to cover them all. You are also wrong that a system where private property is respected does not truly exist – it appears in every willful exchange into which the government doesnt intervene.

I realy wish all of you believers in good government and eternal legislations are right, I realy do. Only that so far it hasnt happened and its been more than a century of legislation..

Pat Cahalan March 7, 2006 12:24 PM

“Some years ago I read a security book where the author said it was no use
relying on laws for privacy and he’d rather rely on mathematics.

I’m pretty sure he recanted in a later book.

Heh. Even geeks can’t fight City Hall indefinitely. 🙂

Zoid March 7, 2006 1:23 PM

That New Jersey bill mentioned by Anonymous Coward would certainly stifle blogging. After all, if the person running the blog could be sued for “compensatory and punitive damages as well as costs of a law suit” because someone posted a malicious comment and you, as the blog owner, were unable to verify the identity of the poster, many people running blogs would have to think twice about the financial risk of hosting such a forum.

Seriously, Bruce, what would you do?

Davi Ottenheimer March 7, 2006 2:01 PM

“I realy wish all of you believers in good government and eternal legislations are right, I realy do. Only that so far it hasnt happened and its been more than a century of legislation.”

It’s not so much a belief in good government, but a desire to avoid alternative systems that have been proven to be less desireable.

The best security solutions are often found by dismissing the less favorable options, rather than by struggling in vain to achieve a perfect one.

Since we, as humans, are rarely keen to adopt the same philosophical foundations (thus subverting pure logic as a system of resolution), we end up seeking rules of engagement. The idea that government by definition hurts a free market is like saying that saddles hurt unicorns. If such a wonderful thing existed, we would be fools to try and control it, since it would by definition be utopian by universal standards (not to mention less prone to utter disaster — real world attempts at free markets seem to consistently miss the fact that the private sector is NOT always well-intentioned and/or productive).

Michael Birk March 7, 2006 2:07 PM

@ted:

(Sorry for mischaracterizing your original post.) One of my points is that, even if we define privacy as a property right (as you and I both have suggested), we still need legislation to specify unambiguously what this right is. The alternative is simply to “assert” these rights and hope, when a case finally wends its way, that the courts agree with you.

derf March 7, 2006 4:07 PM

When the computers get smarter and their databases more interconnected, Arnold won’t have to work so hard to find Sara Connor.

Cowering Anonymously March 7, 2006 5:20 PM

@ted:

Free markets can only remain free when buyers and sellers are free to ply their trade on an equal footing. You assume that all business practices are legitimate or that all market exchanges take place according to universal rules of engagement. In the case of trade disagreements/conflicts, or where a stronger party coerces a weaker, more vulnerable, party to act against their own best interest, non-regulated third-party arbitration or mediation will most likely not work. We’re starting to slide a little off-topic here, but my point is essentially that a free market, without the larger context of certain regulatory limitations, cannot long remain free…it devolves into an arena of the survival of the strongest. This is no less dangerous than leaving your rights in the hands of admittedly fickle government bureaucrats.

@MIchael Birk

“we still need legislation to specify unambiguously what this right is”

And a body to ‘enforce’ it. It boils down to the fact that any system of agreement between two or more parties requires a regulatory authority whom the parties are willing to defer to in cases of dispute. It is not as important whether this regulatory authority is government, the courts or some other party as long as its authority is acknowledged by all parties involved. Otherwise it is left to each party in the transaction to ‘enforce’ their own rights; a situation which I think most people would not be too comfortable with.

Don’t get me wrong, I’m not a big fan of letting .gov dictate whether or not I have a right to certain forms (if any) of privacy, but I have even less faith in big business.

@derf

“When the computers get smarter and their databases more interconnected, Arnold won’t have to work so hard to find Sara Connor.”

Yes, but would the Terminator be able to afford to pay the Data Miners for access to their Databases?

ted March 8, 2006 8:31 AM

@Michael
@Cowering

Sorry guys to lump my reply to you together but this is really off topic and I want to be quick. Ultimately our discussion boils down to the old Platonic idea of ‘fear of the mob’ – if we dont have reason (government) to protect us, the mob (the power of the strong) will take us. This is a trick Socrates performs on the poor old sophists (in Plato’s Gorgias) in order to create ground for the concept of universal reason, and this same trick is used by Plato for the argument on the need of a ‘philosopher king’ (or, a modern day fascism). In any case, both Socrates’ and Plato’s arguments are logically untenable. In a dynamic system (such as a human life-span), humans always tend to cooperate in the long run. Such cooperation of course does not eliminate violence but neither do governments (and all of us children of the 20th century should know very well what kind of violence are governments capable of).
Now, there is one specific argument one of you raised which is usually the favourite of proponents of government control over otherwise free individuals or communities. That is the ‘who will enforce respect for property or contracts?’ argument. There are both entirely economical and entirely historical answers to it but I will provide one very contemporary and relevant to this great blog. The arabic banking system known as ‘hawla’ (and targeted by the US gov for obvious reasons) has existed longer than any other banking system in history, that is, it is more than 1200 years old. It is (and has always been) entirely outside any government control, its rules are not written in any codex, it is largely record-free and arguably the most privacy secure money transfer system humanity has invented. Now, according to your and Bruce’s theory such system is completely impossible. Yet, for more than 1200 years millions upon millions of people have enetered into contracts based entirely on trust and without a court or government bureaucrat there to assert what a ‘right’ is or what one can or cannot do with his money…

Ok I wont waste your time with my anarchical rambling any more.

Cheers

Bob March 8, 2006 8:50 AM

Good name in man and woman, dear my lord,
Is the immediate jewel of their souls:
Who steals my purse steals trash; ’tis something, nothing;
‘Twas mine, ’tis his, and has been slave to thousands;
But he that filches from me my good name
Robs me of that which not enriches him
And makes me poor indeed.

William Shakespeare, “Othello”, Act 3 scene 3

This quote I believe captures what personal privacy is really about. Preventing you from having information about me gives me some level of control over the definition and development our relationship.

About a year ago the IEEE Spectrum had an issue devoted to wearable computing. Some envisioned a scenario where you would be identified by my wearable computer as you approached me and all sorts of information would be retrieved and filtered through software to present me with “important facts” about you.

Most likely, you would see in your heads up display a flashing warning stating “Flaming Liberal A**hole” and would either immediately engage me in conversation or you would turn and retreat to the safety of Rush Limbaugh. In either case we might never find out what we shared as common interests or be challenged by logical conclusions different than our own.

As the level of surveillance gets worse it has an even more chilling effect of forcing me to either accept the consequences of my digital persona or to take actions to project a different digital persona in which case I become a slave to that image of myself. Consider, for example, being afraid to read an article in al Jazeera for fear it would adversely affect some of my relations. Then consider the consequences of the loss of a different perspective if I choose to not read that article.

quincunx March 8, 2006 1:21 PM

The problem with the ‘market’ – is that it is not a free market and practically has never been in the entire history of the US. The 19th century was mostly free-market, the 20th century in the US is a period one could describe as statist, corporatist, proto-fascist, protectionist, nationalist, and intervention (market-hampering). Some would say the turning point was the Progressive Era, some would say Civil War (really: War to prevent Southern Seccession) but regardless whenever one sees a so-called ‘market failure’ what they really see is the culmination of past government interference.

For those who think that corporations will seek profits, that is the case indeed. But one has to remember that the consumer is king. Consumers are a fickle lot who decide what goods and services they want and will exchange freely with the companies that provided for them – neglecting and bankrupting the ones that don’t. If privacy is as important as people here seem to think (I agree) then the way to make PROFITS, would be to PROVIDE PRIVACY. You get it? You make the solution a profit opportunity – and guess what? It will be supplied.

Using the gov to legislate will like so many other things lead to the very opposite of what is wanted. Why do people still insist on good government when the biggest problems of today always arise from previous interventions by this venerated group?

Davi Ottenheimer March 8, 2006 1:49 PM

@ ted

Interesting comments

“Yet, for more than 1200 years millions upon millions of people have entered into contracts based entirely on trust and without a court or government bureaucrat there to assert what a ‘right’ is or what one can or cannot do with his money…”

Story-telling, poetry, song and other oral traditions had a similar system but clearly it has succumbed to DRM issues over the past century. I challenge anyone to say this has been a clear case of benefiting the consumers. Disney has managed to trademark a vast number of representations of folk-tales, such as their interpretation of Cinderella, that has actually arguably impeded creative growth and innovation in some specific areas:
http://en.wikipedia.org/wiki/Cinderella

I guess this takes us back to the question of, despite history, who will end up defining/controlling public privacy rights. Imagine Disney diversifying…

@ quincunx

“But one has to remember that the consumer is king. Consumers are a fickle lot who decide what goods and services they want and will exchange freely with the companies that provided for them – neglecting and bankrupting the ones that don’t.”

Wow. I’d like to meet one of these super consumers and the even ground you describe. They sound awesome. Back to reality…

quincunx March 8, 2006 2:11 PM

@Cowering

In your last response to Michael Birk you seem to be sound on the concept of third party arbitration and mediation. Yet you do not apply it to your response to ted. The free market can provide these agencies as well. Two parties in exchange may already be represented contractually in advance by these agencies, and these agencies may already have contracts with each other. In other words you have a decentralized government – or free government. Every free individual can be represented by such agencies, and every individual can quit and join another one. Unlike involuntary taxes expropriated by a monopolist- you voluntary pay an ‘insurance premium’ for being represented by your agency.

Because you pay for this voluntary – any attempt by your agency to break your contract or otherwise engage in immoral behaviour towards you or others will result in you withdrawing your funds from this agency. Any agency that uses force as it’s primary arbitration tactic will be bankrupted. Compare this with what we have now – war is waged and paid for by willing AND unwilling citizens who took no role in engaging in it. It is obvious that when one doesn’t have to use his own money – one will be a much greater risk taker and warmonger.

For those who think that the above is insane – let them be aware that we are still living in an age of barbarism. True civilization, if it is to come, must ultimately rest on the free market based on private property that is homesteadable and contractually exchanged.

@Davi

“Story-telling, poetry, song and other oral traditions had a similar system but clearly it has succumbed to DRM issues over the past century. ”

And DRM is enforced by who? The big corporations (the result of which I describe is precisely because of previous government intevention) ? Who gives these corporations arbitrary monopolies on intellectual rights? And who backs up the MPAA and legislates to augment technological devices? The big corporations are no saints but they are powerless without the tool of government!

Offtopic: Unlike a given chair (private physical property), that I may own – and you obviously may not, Intellectual property is not really property. My creations and ideas do not impede you from having the similar creations and ideas.

“Wow. I’d like to meet one of these super consumers and the even ground you describe. They sound awesome. Back to reality…”

Although it pains me to answer this: YOU, for one, me for another and basically everyone that can make a subjective value judgment to purchase the goods and services that satisfy THEM.

I know where you are coming from – you look upon people as sheep and chickens without heads. But certainly that cannot be case – otherwise our civilization would be in constant regression. You make the mistake of using your own subjective judgments to criticize other people for not seeing to your superior knowledge and wisdom.

I’m inclined to think you were joking, but tell me where that is not the case. How can an exchange between a business and consumer not be mutually beneficial in the ex ante sense?

Michael Birk March 8, 2006 4:23 PM

@quincunx, @ted, et al:
Your ideas intrigue me and I wish to subscribe to your newsletter.

Seriously, you are free to debate any topic you wish, but it seems to me that you are describing a parallel reality. It is an honorable world, populated by some of history’s greatest thinkers. But it is also a platonic world, only intersecting with ours in thoughts, dreams, and revolutions.

Are you advocating revolution? What would you have me do, today, tomorrow? Nothing? Call me a pragmatist, or call me a fool, but I don’t see any alternative to legislation (or constitutional amendment). Like it or not, that’s our system. Indeed, new privacy laws will be created; it’s merely a question of whose interests they will represent.

So far, the only practical suggestion that I have heard came from Bruce, via Solove and Hoofnagle, in A Model Regime of Privacy Protection: http://papers.ssrn.com/sol3/papers.cfm?abstract_id=681902

As Bruce said, it’s a start.

quincunx March 8, 2006 5:17 PM

The only revolution that is sustaining is one that is built on sound ideas. If one carefully observes the past – they will see that our history is riddled with episodes of freedom and despotism. Indeed there is a cycle between the two. Once you have freedom – it seems that it’s value eventually declines. If you want to do something, follow what you said in the first sentence.

Note Bruces term ‘Regime’ – as if a one size fits all solutions ever work. Do not forget that the biggest usurper of privacy is the very institution that he suggests should pursue HIS one-size fits all policy, UNIFORMLY across the land. Have you ever heard of a corporation that handed out unique IDs such as SSNs and Driver’s Licenses? The fact that they check for them is only because they are mandated to do so.

History is riddled with ‘experts’ who aspire to make society better – only to have the very opposite outcome of what they thought.

There is also the question of who will interpret and enforce the law? Oh that’s right, the very agency that legislates it.

In case you do not know, the US Constitution has been so abused – that frankly I don’t know why we still use it. We believe it still means something – but the interpreters have drastically changed it’s meaning.

I can give you some examples. The Federal Reserve Act was admitted unconsitutionaly. The 16th ammendment (Income Tax) was struck down as unconsitutional the first time it was proposed – although later still ammended, albeit in an unconstituional manner. Remember Alcohol prohibition? At least that was an ammendment – what about drug prohibition? They didn’t see a need for that anymore. The right to own guns – is no longer a right, but a privelege (yes, having to fill out a form makes it not a right). Distributivism (welfare) was found unconstitutional in the 1890’s.

How about the recent CAN-SPAM act? Did you think it would reduce the number of spam? Do you still believe it could work if serious money and enforcement was applied (imagine the privacy violations with that!).

Well with proper theory one can tell a priori – that such legislation could not reduce the amount of spam. The ONLY thing it could do is reduce the number of spammers. See the difference? In the attempt to do something ‘good’, enforcing it severely would not only violate the rights of innocent people, but also create a spam cartel. The drop in the supply of spammers (from fear or captue), would only create more incentive to come into the ‘lucrative’ spamming business. Now you see the parallel of why drug prohibition does nothing to reduce the amount of drugs traded. The only thing that could reduce spam is A) technological developments created in the market. B) people realizing that they do not want/need to buy from spammers (hence reducing demand for their crap) – and since people engaging in voluntary exchange is the market – the solution to both is: the market.

Here is my approach to minimize the privacy issue (note that you can’t get rid of it completely as long as people are willing to engage in trade):

1) Get rid of social security
2) Private Roads
3) Privatize Driving Certification
4) Get rid of the FCC
5) Get rid of burdonsome business legislation
6) Get rid of antitrust laws (really anti-competition laws)
7) Get rid of zoning laws
8) Get rid of occupational licensing (another cartelizer)

Just go on down the line, getting rid of as much as you can.

the more things you get rid off the better off everyone will be.

Just #1 and #2 will do a lot already.

“As Bruce said, it’s a start.”

Indeed it is a start – but the question is really if it’a a good start. I do not deny that it MIGHT be beneficial, but I feel that

A) it is incompatible with a lot of other legislation, which will create moral hazard for everyone, or it will be extremely compromised and augmented that the ending legislation will be worse.

B) It may go through and be a ‘dead letter’ and ineffective document that no one really wished to implement.

C) It is absolutely wonderful and every business wishes to adopt it, except the only ones who manage to do so are the ones that have economies of scale, and I don’t mean that in terms of production. I mean that in terms of bureaucracy. I fear that the this burdonesome legislation might cartelizze many industries to a further extent in favor of those that have economies of scale in bureaucracy. Which in time, hapless individuals will wonder why we keep having a lot of concentration in industry, as if economic theory or empirical evidence does not exist to show why this happens.

Michael Birk March 8, 2006 6:29 PM

@quincunx:
Thanks for your thoughful reply. By quoting the great Homer (Simpson), I joked (or rather, tried). But in fact, your ideas do intrigue me, and they are certainly worthy of discussion and debate. I agree that the Constitution has been — is being — corrupted by powerful forces, and, to quote a revolutionary, “I have not yet begun to fight.” I was not around when battles waged over Income Tax, Prohibition, or Civil Rights. But I am here now, during the battle over Privacy.

“Here is my approach to minimize the privacy issue …

1) Get rid of social security
2) Private Roads
3) Privatize Driving Certification
4) Get rid of the FCC
5) Get rid of burdonsome business legislation
6) Get rid of antitrust laws (really anti-competition laws)
7) Get rid of zoning laws
8) Get rid of occupational licensing (another cartelizer)”

Perhaps, but how realistic is this, without incurring a bloodbath? How many people would support these changes?

“Indeed [the Solove and Hoofnagle proposal] is a start – but the question is really if it’s a good start.”

I agree completely — hence the desire for more debate. It’s worth going back and reviewing Bruce’s old threads on the subject, but I still found myself wanting. Your concerns about this proposal are valid, but I think it is worthy of closer scrutiny.

In my opinion the paper reveals it’s backwards-facing view, for example, with the naive suggestion to bar businesses from using the SSN as an identification number (section III-8, page 18). To what end? Since it is already in common use, it’s not a secret. Moreover, it would cost enormous sums of money to update existing systems. The SSN would merely be replaced with some other de-facto universal identifier. I can see some benefits to this idea, but not the ones described in the paper.

However, they’ve already been beat up over that one (the “Comments” section is particularly interesting), so let’s examine another suggestion: One-Stop Exercise of Rights. Mimicking the “Do Not Call Web site … individuals should be able to enroll in a centralized do-not-share registry” (section III-3, page 14). This is, in my opinion, an unnecessary capitulation. The Do Not Call plan was a “compromise” to appease existing telemarketers; what reasonable person chose not to enroll because they actually wanted calls from telemarketers? (To be sure, some chose not to enroll for other reasons.) The danger posed by data brokers is much greater than that of the telemarketer. If this proposal is boiled down to an on-off switch, I think it is worthless. (To be fair, they do propose a screen with some fine-grained control.)

I suppose this paper takes an even “more pragmatic” tack than I would. Moreover, it’s scope is fairly limited to that of data collection. It doesn’t discuss penalties in detail. What about video surveillance, face recognition, “xray vision,” and all the other new — and sometimes frightening — technologies coming down the pike?

It’s a start.

quincunx March 8, 2006 8:05 PM

“Thanks for your thoughful reply. By quoting the great Homer (Simpson), I joked (or rather, tried). But in fact, your ideas do intrigue me, and they are certainly worthy of discussion and debate. I agree that the Constitution has been — is being — corrupted by powerful forces, and, to quote a revolutionary, “I have not yet begun to fight.” I was not around when battles waged over Income Tax, Prohibition, or Civil Rights. But I am here now, during the battle over Privacy.”

I got the Simpsons reference. I say it myself all the time.

Indeed you are here and now discussing Privacy, but I would not bring up the others if they had no relevance. They demonstrate what happens when you leave market forces and plunge into political backwaters. Just the concept of having an agency protect my privacy when it itself is the biggest usurper of it, strikes me odd and to use a scientific term: ass backwards.

“Perhaps, but how realistic is this, without incurring a bloodbath? How many people would support these changes?”

Well, if one traces the origins of all these you’d see that they did cause some mayhem, and possibly bloodbaths. The reason they came into being was the intellectual climate of the time. Things were promised to people – and the arguments sounded good (btw, most of these came over from Germany in the late 19th century. Germany being the origin of PhDs), and people being rationally ignorant, and economically ignorant went along with it.
But these ideas were bad – they had consequences – and then we have today. Today is the culmination and legal aggregation of poor ideas of the past, most of them incompatible with the past past (constitution) – but because one agency legislates and the SAME one judges (they both steal your money) – this perversion of law has occured and will continue to occur as long as the same intellectual climate clamors for fascism, mercantilism, and all-around statism of the recent past.

The way to achieve the objective is to spread the right ideas – and argue why government intervention does not and will never work (duh, unless the intervention is to get rid of past intervention completely at once or step-by-step).

“I agree completely — hence the desire for more debate. It’s worth going back and reviewing Bruce’s old threads on the subject, but I still found myself wanting. Your concerns about this proposal are valid, but I think it is worthy of closer scrutiny.”

I agree, which is why I said it MIGHT work. But it will definitely work if the other side of ledger gets rid of past intruding legislation.

“In my opinion the paper reveals it’s backwards-facing view, for example, with the naive suggestion to bar businesses from using the SSN as an identification number (section III-8, page 18). To what end? Since it is already in common use, it’s not a secret. Moreover, it would cost enormous sums of money to update existing systems. The SSN would merely be replaced with some other de-facto universal identifier. I can see some benefits to this idea, but not the ones described in the paper.”

The problem with SSN is that it exists at all. SSN is your key to government programs, this is precisely why it is so intrusive. The problem with it is that it is heavily cross-referenced. If that was not the case it wouldn’t be a cause for great concern. Example: My banks, my credit card, my electric bill, my ‘shopping’ cards, my cell phone ALL have different unique identifiers. None of these businesses knows the unique IDs of the other. Without government, they would be under contractual obligation to not disclose this information (otherwise I’d go to a business that didn’t – like I said they will be the profitable ones).

Government (Federal and State) comes in and says we need to have unique IDs for various reasons – mostly to steal your money and obtain government ‘services’. Bam! Now every business CAN use these unique IDs and externalize the cost of enforcing their own contracts onto the taxpayers. And because it’s beneficial to do so – they do it! Reduced cost at public expense is an attractive avenue.

Because government isn’t very competent, innovative or productive – they will typically outsource the task of data-mining to third party corporation(s) – typically they will create a monopoly or a cartel in doing so, like for example the credit market.

“I suppose this paper takes an even “more pragmatic” tack than I would. Moreover, it’s scope is fairly limited to that of data collection. It doesn’t discuss penalties in detail. What about video surveillance, face recognition, “xray vision,” and all the other new — and sometimes frightening — technologies coming down the pike?”

The answer is: Private property rights. If you own something and want to put a camera – then that is your decision. Someone else will have to take that into account if they want to do business with you. The fact is most private businesses do so precisely to reduce crime either from the outside or within. Which I guess makes some people safe. Others do not like it and will shop in a place that doesn’t monitor. This is what happens when no unifrom solution is mandated by the nanny state.

X-Rays are bloody expensive and create health risks – so in checking someone out you are physically damaging their body. Which is a crime in itself, UNLESS you contractually, implicitly or explicitly sanction it.

If their is any detriment in scanning your face, the same thing applies.

Keep in mind that most people find these expensive, cumbersome, and YES indeed the market (if not hampered) will show itself how useful they are. Typically only the government and highly skilled criminals will have them. And that is something that should be of great concern to everyone.

“It’s a start.”

I wish I can share in the optimism, I used to. Then I learned history, politics, and economics. Now I know better.

@Bruce:

Thinking it about it some more,

Why would a security expert that makes a plea for simplicity every chance he gets, propose a political solution that results in more complexity written in the jarbled language of lawyers and legislators.
Why do you want to add another patch to a Leviathan monster that is the origin of all privacy violations?
Why add another piece of legislation that will be added to the growing multi-volume book set of federal laws whose INDEX is now over 1000 pages? Especially when it will conflict with the other jumbled non-sense already contained in it (just like everything else past page 1).
It’s a hack and you know it. You can’t make up a bad design with a quick patch.

I suggest you take your own advice and apply it to the world of acting men and women – who in my opinion do not need a nanny to create privacy rights for them – when their non-alienable rights have already been reserved by being alive, and yet they have been taken away by the nanny ‘for their own good’.

If you really want to make a difference then advocate the very opposite of making laws that benefit ANY group at ANY time. Act to repeal laws already in place and have been in place for a long time that creates the very incentives and intrusiveness that you seek to abolish.

I am a big fan of your work, so I don’t mean to insult you.

Bruce Schneier March 8, 2006 9:54 PM

“I suggest you take your own advice and apply it to the world of acting men and women – who in my opinion do not need a nanny to create privacy rights for them – when their non-alienable rights have already been reserved by being alive, and yet they have been taken away by the nanny ‘for their own good’.

“If you really want to make a difference then advocate the very opposite of making laws that benefit ANY group at ANY time. Act to repeal laws already in place and have been in place for a long time that creates the very incentives and intrusiveness that you seek to abolish.

“I am a big fan of your work, so I don’t mean to insult you.”

Not insulted; don’t worry about it.

Adding more laws does add complexity, but it adds less complexity than would result without the laws. So I am advocating more complexity, but I am also advocating the least complexity possible.

I get that there are people who want to repeal as many laws as possible, and think that this somehow makes things better. I think these people have no understanding of the system mechnics of laws, and how they really work.

There really is no way to deal with this privacy problem without laws protecting it as a right. The market can’t solve this problem, because the market mechanics are what create it.

Sorry; I don’t have an explanation on this in my head that isn’t book length. I’m working on it.

Bruce Schneier March 8, 2006 10:00 PM

@ quincunx:

“Get rid of antitrust laws.”

Wow. Reading the rest of your post, I don’t think you are anti-capitalism. But the basic mechanic of capitalism fails when you get rid of anti-trust laws.

Anti-trust laws are a fundamental security mechanism that prevent competitors from colluding. Without it, capitalism simply fails.

That seems like a very bad idea. Capitalism is the best economic system I know of.

(This is probably way off topic for this thread….)

quincunx March 8, 2006 11:08 PM

“Adding more laws does add complexity, but it adds less complexity than would result without the laws. So I am advocating more complexity, but I am also advocating the least complexity possible”

I’m having trouble deconstructing this. You are saying that complexity in law may yield simplicity in practice?

Does this apply to your law? some laws? more laws? or all laws?

“I think these people have no understanding of the system mechnics of laws, and how they really work.”

Uhm, they typically use compulsion and coercion to control the behavior of its citizens. I know that every civilization in history has prior to being defeated, created tons of laws that hampered economic progress. Things like price fixing, and regulation have brought down more civilizations than one realizes. China’s decline in the 15th century is a testament to that.

I know that prohibition does not work, and creates underground economies.

I also know that laws are passed on the pretense that they beneficial – yet economic realities always bite back. Give me an exclusively public law (not one that is also private – like not stealing) – and I will tell you the harm it created, and usually the typical propaganda (or plain misconceptions) that was used to popularize it.

“There really is no way to deal with this privacy problem without laws protecting it as a right.”

I agree, but why one-size-fits-all governmented mandates top-down law?

“The market can’t solve this problem, because the market mechanics are what create it.”

The market created social security, and has been issuing driver’s licenses?
Today’s bank’s regulate themselves, and use a commodity money? The market created a big central bank that ‘legally’ counterfeits money? The market steals money from you by threat of force, and then uses it to give to other people, just so that they would vote for their CEOs?

Some members of the market did that, but only using the government as its tool!

“Sorry; I don’t have an explanation on this in my head that isn’t book length. I’m working on it.”

Will be glad to read it. Carry on.

“Wow. Reading the rest of your post, I don’t think you are anti-capitalism.”

Of course not. Why would I be against civilization? I adore it.

“But the basic mechanic of capitalism fails when you get rid of anti-trust laws.”

That’s what they told me in school too, and I believed it, but upon careful research, it turned out not to be the case. In fact there is much literature to this.

In fact, almost unanimously every economist in 1890 rejected the Sherman Anti-Trust Act. The biggest misconception is the definition of a monopoly, whose classical meaning for over 400 years has been augmented in favor of the “perfect competition model” appearing in the 1920’s. This model creates a nirvana fallacy of 1) many small firms 2) perfect knowledge 3) homogeneous products 4) low transaction, and then uses mathematical formulas to see if the market conforms to this. Seems ridiculous right? Here is the classical definition: A monopoly is what a government creates, confirms, charters, or otherwise (here is the relevant part) creates laws in such a way as to have restrictive barriers to entry for competitors. Those who are ignorant of economics are typically blind to the fact that their own legislation creates that environment.

Why did this model permeate? Well I guess economists realized that earning an academics salary is just not as good as being an anti-trust consultant. Also, telling people that the economy can be somewhat controlled got you a decent post at a prestigious university or otherwise a lucrative government job. Economists naturally did their cost-benefit analysis, and chose wisely.

“Anti-trust laws are a fundamental security mechanism that prevent competitors from colluding. Without it, capitalism simply fails.”

Security mechanism? So if me and my friends decide to do with our properties as we wish – we should be jailed or otherwise threatened?

Every law is an act of collusion. A few people get together, babble a lot, make it a law – and bam! everyone has to obey. That is how politics works.

In the unhampered market – the very incentive to collude (in the effort to maximize profits) is the very incentive that would lead you to cheat on your agreement (in the effort to maximize profits). That is why no cartel exists in an unhampered market for any significant time. Government law is always the explanatory factor of why they last.

Also, it kinda destroys the common law notion that you know the crime you are committing ahead of time. With your typical anti-trust cases, you have your competitors colluding with the prosecutors to figure out why you are a monopoly. And you don’t know that you did – until the judge tells you and estimates a magical number that will never go to the consumer, but to anti-trust lawyers, and pork!

Here’s some links:
http://soba.fortlewis.edu/elliott/notes_on_competition_and_monopol.htm
http://www.mises.org/journals/rae/pdf/rae9_2_3.pdf

“That seems like a very bad idea.”

I wouldn’t propose it if it was.

“Capitalism is the best economic system I know of.”

Indeed, too bad we live in a Socialist society.

“(This is probably way off topic for this thread….)”

I disagree – it is precisely on topic. If you want to solve the problem you typically strike at it’s root. Trimming the leaves off the branches will not do it. If you want your privacy protected you have to hamper it’s biggest usurper.

Now if you really want to play politics, you should log roll a section about NEVER ISSUING NATIONAL IDs. Don’t worry congress never reads the fine print.

Michael Birk March 9, 2006 2:49 AM

@quincunx:
Inspired stuff but, as far as I can tell, completely theoretical. You work to change the system, I’ll work to affect change within the system. That way we’re hedging our bets 😉

“The problem with SSN is that it exists at all.”
I agree, but — at the risk of leaving a permanent scar on my forehead — it exists. We can’t take that back. Cat’s outta the bag.

The “benefit” of banning the SSN as an identifier for private business is precisely what you mentioned: integrating (i.e. cross-referencing, or linking) different databases becomes more difficult. However, without any restriction, what is to stop Acxiom and Co. from creating a new de-facto standard identifier to replace the banned SSN? What is to stop data brokers from using other fields, such as Name and Telephone Number, for integration? What will stop them from using more advanced integration techniques such as triangulation?

The real problem is database integration — we need to address that head-on.

Does anyone know of any substantial policy proposals that tackle this extremely thorny problem? I’m sure such a fundamental issue of privacy has been analyzed by our best and brightest, no?

The Solove and Hoofnagle paper just dances around the main issues. For example:
“Companies that collect personal information should be required to first obtain an individual’s consent before using it for an unrelated secondary
use”

That would be nice. Unfortunately, there is no definition of “personal information,” no description of how this process might work when there are multiple third parties involved, and no specification of “secondary use.” And, certainly, no underlying framework (e.g. property rights) on which to pin these new rules. It’s a vague suggestion, at best.

Every sphere has its policy wonks who’ve already figured it all out, or so they think. Hopefully privacy and database integration is no different; I’d like to read their proposals. I haven’t hung around here long enough to know who fits the bill.

quincunx March 9, 2006 3:31 PM

“Inspired stuff but, as far as I can tell, completely theoretical.”

Well actually they all preceded the formation of the US, and has occured anywhere and everywhere people were relatively free for any amount of time. The private sphere produced what today would be contrued as “public goods”.

‘The “benefit” of banning the SSN as an identifier for private business is precisely what you mentioned: integrating (i.e. cross-referencing, or linking) different databases becomes more difficult. However, without any restriction, what is to stop Acxiom and Co. from creating a new de-facto standard identifier to replace the banned SSN? What is to stop data brokers from using other fields, such as Name and Telephone Number, for integration? What will stop them from using more advanced integration techniques such as triangulation?’

Acxiom can not create a universal identifier that can be cross-referenced with all your life activities unless it’s got government support. It will have to compete with agencies that think their numbering system is best. New agencies (competitors) will not gain the admiration of Acxiom, and hence will be allowed to cut into their business by sharing in their database.

What forces a bank to disclose information? The market? no the government. This issue does not pop up in Switzerland or the Cayman Islands. In other words you have private contracts between the agency and the customer. If that agency shares – they are in breach of contract, so sue them. It is because we do not have private contracts, but implement ‘public’ contracts that allow our information (private property) to be collected and disseminated by third parties that government pays.

Most of these data-collection agencies use PUBLIC information.

If you still think that unregulated banks and other institutions will engage in third party information sharing – you and others are free to open a place that does not – and earn a nice profit.

“The city of Baltimore uses aerial photography to surveil every house, looking for building permit violations.”

That’s why I worry about – my tax money being used to incriminate me in minor infractions based on ridiculous violations of stupid laws – that themselves violate the very notion of private property on which this country was built.

Aside from that example – I can look up any property in my county – see who ones it, and see how much they paid for it. The internet makes it more convenient, but this intrusion into other people’s private property has been in place for over 80+ years. Why does this exist? So that your property can be assessed (i.e. expropriated). Just walk in to a public building and get what you want.

“However, without any restriction, what is to stop Acxiom and Co. from creating a new de-facto standard identifier to replace the banned SSN? ”

What is to stop me from making a database of people who posted here? I can assign 56GH79 to you, and there is really nothing you can do. right? If you post your private information, you can not complain that someone might catalog it.
The problem only occurs when that information is used to harass you. That is an invasion of your private property (of self).

“What is to stop data brokers from using other fields, such as Name and Telephone Number, for integration?”

You mean what is to stop them from using a phone book? Look if you want to participate in the global economy you have to be in contact with others, it is up to you to disclose as much information as you need to get by. You will tend to do business with those that respect that.

“What will stop them from using more advanced integration techniques such as triangulation?”

Get rid of the FCC, and innovation will pour out immediately.

Well first of all, triangulation is good for medical emergencies, so it seems like a good idea to have a phone switch that could augment that ability.

One way – technologically – would be to use antenna hoping, you force the signal to jump an arbitrary or random number of hops and you delete the record from where it came at every hop. So if I’m at location X, and antenna A, B, C are both reachable. A will be forced to sent to D, B to E, C to F, and D E F will not know where the signal came.

I can’t tell you the effectiveness of this – but I can assure you that if people are not hampered, and can experiment will all sorts of technology – the good solutions will dominate.

Encryption can easily be implemented into a cell phone. In a very rudimentary way, you can distribute keys after a physical meet with someone. What prevents encryption via cellphone? The market? Nay.

“And, certainly, no underlying framework (e.g. property rights) on which to pin these new rules.”

Actually most property rights have been subverted. They existed. You might not be familiar with such concepts as Terrestrial rights, Air rights (1920’s RF spectrum), Water rights, Noise rights, Nuissance (from pollution) rights, passage rights (roads). But they all existed, and even enforced in the US well into the progressive era. Philosophical corruption turned what used to be separately homesteadable property rights into public policy collective mumbo-jumbo.

Keep in mind that this is not the first legal attempt at restricting the loss of privacy. Other attempts hardly had any effect, precisely because it was handed over to the very agency that violates it. The most important mistake was making STANDARDS, standards that were perverted and fell out of time all together. Any attempt to specifically state how technology should limit privacy invasion – would restrict the very development of technology that enables more privacy. You’ll get less privacy good and hard.

enhF94 March 9, 2006 3:55 PM

Seems like today, it’s less-common to use computer surveillance in realtime. Most examples I imagined seem to be using computer surveillance data a) to catch an attacker after the attack is committed, and b) to build a case against an attacker who’s already nabbed. This seems more likely for use against preplanned crimes like credit card fraud.
But what if one could access this information in realtime? Police could guide a K-9 unit to an attacker by, for example, combining data from cell phone/license plate/debit card/google maps/puppies. That leaves a pretty small radius for an attacker to escape from. Kinda “minority report”-ish.
And adds more ability to follow unplanned crimes like robbing a 7-Eleven. (lots of interesting societal consequences from this – police “swooping in”, changes in attack strategy, a much larger pool of likely-to-be-hunted people, racial effects, targeting, profiling)

Though nobody’s built a system to do this yet, it seems possible with today’s technology.

Any holes in this logic?

Michael Birk March 9, 2006 5:27 PM

@quincunx:
“Acxiom can not create a universal identifier that can be cross-referenced with all your life activities unless it’s got government support.”

I am no expert in privacy law, but I don’t think that’s necessarily true. Some data brokers are restrained by existing law, but it is not entirely clear what the boundaries are.

“It will have to compete with agencies that think their numbering system is best. New agencies (competitors) will not gain the admiration of Acxiom, and hence will be allowed to cut into their business by sharing in their database.”

I don’t get this at all. Yes, there will be competition amongst data brokers, giving incentive both to share and hoard information. However, the identifier(s) are just a means to an end: linking databases. Not only would Acxiom et al have difficulty keeping their identifiers secret, but they would probably have good reason to make it publically available. This will enable, from their perspective, a “free exchange” of data.

“Well first of all, triangulation is good for medical emergencies …”

You misunderstood me. “Triangulation” is a technique for linking databases using indirect, or “circumstantial” evidence. Sort of like Sherlock Holmes’ idea of eliminating all other logical possibilities. It is distinct from triangulation in the radio frequency sense.

The point is that, even if we ban standard identifiers (like the SSN), there is enough information out there (like name, telephone number, etc) to cross reference the databases anyway.

“Most of these data-collection agencies use PUBLIC information.”

Yes. And, like the SSN, there isn’t much we can do about that now. Cat’s outta the bag. There are two important issues that you are not fully addressing:

  • “Public information” is not well-defined. More importantly, the definition is changing, quickly, as technology evolves. Thus, when I referred to “xray vision,” I meant not actual X-rays (again, you misunderstood), but rather our new-found ability to “see through walls (and clothes)” using the right technology.
  • Conversely, “private information” is not well-defined. Moreover, there is no good standard for how to penalize those who do share private information. You say “breach of contract, so sue them.” Sue who for what? The class action lawsuits that we have today demonstrate that there is a huge grey area here.

Your answer to all of this seems to be, “well, if we lived in a perfect world …” I’m tired of hearing about that. We don’t.

Michael Birk March 9, 2006 5:44 PM

@enhF94:
“But what if one could access this information in realtime? Police could guide a K-9 unit to an attacker by, for example, combining data from cell phone/license plate/debit card/google maps/puppies … Kinda ‘minority report’-ish … Any holes in this logic?”

Some would say, “kinda Orwellian,” or “1984-ish.” There’s nothing wrong with your logic. Indeed, I think such a system is the logical outcome of our technology and programs such as “Amber Alert.”

The idea of automated, pervasive linking of video surveillance is exactly the kind of thing that concerns me, greatly. That is why I keep bringing up the twin issues of database integration and video surveillance.

Unfortunately, as always seems to be the case, your example portrays the one seeking privacy as “the bad guy.” Imagine the same technology unleashed against you by real criminals.

In any case, don’t “mis-underestimate” the kind of abuse that can occur with data mining. Because of the exponential growth in data storage and network capacity, video cameras will easily archive all data. Why wouldn’t a 7-11 owner sell this information to a data broker?

In some ways, data mining is more insidious than real-time surveillance. It can happen years after the fact, analyzing data in ways that were not possible when the data was generated. It’s almost as if the definition of “privacy” changes retroactively.

quincunx March 9, 2006 6:58 PM

“Your answer to all of this seems to be, “well, if we lived in a perfect world …” I’m tired of hearing about that. We don’t.”

So let’s make an imperfect law on top of all the imperfect laws rather than remove the imperfect laws and let individuals decide the optimal amount of privacy they wish to give up.

MY POINT is that the discussion is moot otherwise. The objective will not be achieved no matter how much smarts is applied, especially at a time when every citizen is a suspected terrorist.

“Why wouldn’t a 7-11 owner sell this information to a data broker?”

Because my 8-12 store next door will not sell it, and will explicitly state so – hence I will attract a bigger crowd.

“Conversely, “private information” is not well-defined. Moreover, there is no good standard for how to penalize those who do share private information. You say “breach of contract, so sue them.” Sue who for what? The class action lawsuits that we have today demonstrate that there is a huge grey area here.”

It is not well defined? Private information is what you keep, and what you choose to give to another agency. The parallel concept is that of non-disclosure agreements, and trade-secrets. Trust me, the law is well defined.

The contract tells you ahead of time the penalty for violating it! That is what a good contract should have – and believe me, most do. In fact, another market strategy is to offer a higher penalty to attract customers from your competitors.

“‘Public information’ is not well-defined.”

Indeed it is. It is what is not private information. IT is what I’m saying right now. This site is a private one – but with public information.

Pat Cahalan March 9, 2006 7:17 PM

To say, “Simply don’t do business with those that require private information” is to provide a non-solution. I chose not to provide my social security number when I acquired a cell phone -> in order for me to do this, I had to pay a $200 deposit (“because we can’t run a credit check without your social security number” which is garbage, fwiw).

I’m in graduate school, and one of the requirements for entry was that I submit a GRE score. The current sole vendor for the GRE exam in the U.S. is ETS. ETS requires you to provide your SSN in order to take the GRE exam.

What’s even less amusing is that they PRINT your SSN on the grade report that they mail to you. I’m quite sure that all those dumpster divers or mail interceptors out there have boundless joy when they see an ETS label on an envelope.

Economics will not solve this problem, because there are monopoly issues at stake. I can choose not to give my SSN to ETS, but then I’m choosing not to enroll in grad school.

quincunx March 9, 2006 7:33 PM

Pat, did you not read what I wrote?

Every problem you mention is government created!

ETS is a government granted monopoly, the only kind that can exist.

Grad school must be centrally accredited by the gov. Ever notice how few new colleges are being built?

Your mail is delivered by a gov monopoly.

The credit check is confirmed by a government backed credit cartel of 3 companies.

Your cell phone provider is heavily regulated as well.

Get rid of the government and privacy will be a non-issue.

Michael Birk March 9, 2006 8:20 PM

@quincunx:
“So let’s make an imperfect law on top of all the imperfect laws rather than remove the imperfect laws and let individuals decide the optimal amount of privacy they wish to give up.”

Sadly, yes, that is the only realistic option.

“MY POINT is that the discussion is moot otherwise. The objective will not be achieved no matter how much smarts is applied, especially at a time when every citizen is a suspected terrorist.”

To summarize: You think my viewpoint is “moot” because it has zero chance of succeeding. I think your viewpoint is “moot” because it has zero chance of happening.

Quite obviously, we are both using this “debate” as a soapbox to espouse our ideas. Fine, but it’s no wonder we’re the only ones left in the room. (Pat pokes head in window)

The fact that “every citizen is a suspected terrorist” is, in my opinion, all the more reason to stop daydreaming and think about something that might actually work.

“[Private information] is not well defined? Private information is what you keep, and what you choose to give to another agency. The parallel concept is that of non-disclosure agreements, and trade-secrets. Trust me, the law is well defined.”

Sorry, I don’t trust you on that point. In fact, I think it is obvious that “private information” is no more well-defined than is “intellectual property.”

“Because my 8-12 store next door will not sell it, and will explicitly state so – hence I will attract a bigger crowd.”

“The contract tells you ahead of time the penalty for violating it!”

What contract have I entered into with 7-11 (or 8-12)? If they post a sign that says, “Unlike 7-11, we promise not to sell video footage of you to data brokers,” is that a contract? How much fine print is allowed? What happens if they do, in fact, sell it? How would I even know?

Given that we don’t, in fact, live in an idealized world with limited government and perfect markets, how do you propose we hold 8-12 to their word?

quincunx March 9, 2006 8:55 PM

“Sorry, I don’t trust you on that point. In fact, I think it is obvious that “private information” is no more well-defined than is “intellectual property.””

That’s because intellectual property is a shortcut for very different bodies of ideas.
Look it up, there’s 500+ years of thought in it.

“is that a contract?

Yes it is an implicit contract. Just like I can’t invite you over to my house, shoot you, and then claim you were tresspassing.

“How much fine print is allowed?”

Allowed? It is not a government edict. If you want consumers buying, you make it short and simple with bold lettering. If you want consumers reading, scratching their heads and walking out you hire a lawyer and those guys that can draw on pin heads.

“What happens if they do, in fact, sell it?””

You get what they promised. And get everyone else to do the same.

Considering the only difference between you and 7-11, is that one thing – you are committing financial suicide by killing off your distinct service.

Have you ever seen those “quality guaranteed or your money back”, or those “if our employees don’t smile you get something free”, or “we break your stuff, we buy your stuff [market price] + 10%? Well they do exist and they are privately enforced.

“How would I even know?”

Ever heard of the media?
Disgruntled employees on both sides of the exchange?

How do you know when government screws up?

[ actually that’s easy: it’s a tautology ]

“Given that we don’t, in fact, live in an idealized world with limited government and perfect markets, how do you propose we hold 8-12 to their word?”

Apparently you never bought anything with a warranty. If you want profits, you keep your word.

Michael Birk March 10, 2006 1:05 AM

@quincunx:
“Yes [the posted sign at 7-11] is an implicit contract.”

No, it’s not. The sign is merely posted notice of whatever rules and policies the station owner has chosen. The difference is, the owner is free to enforce those rules even if you don’t see the sign. You can’t enforce a contract that I don’t agree to.

“Just like I can’t invite you over to my house, shoot you, and then claim you were tresspassing.”

gulp So you think trespassing is “breach of contract”? That example is too extreme to be useful.

“Ever heard of the media? Disgruntled employees on both sides of the exchange?”

Yes, I’ve heard of them.

“Apparently you never bought anything with a warranty.”

Yes, I have.

This keeps getting more and more ridiculous. I’m done.

Davi Ottenheimer March 12, 2006 1:35 AM

“I know where you are coming from – you look upon people as sheep and chickens without heads. But certainly that cannot be case – otherwise our civilization would be in constant regression. You make the mistake of using your own subjective judgments to criticize other people for not seeing to your superior knowledge and wisdom.”

Heh, that’s silly and illogical. You say you know where I am coming from and then you pretty much say the opposite of what I would say. I said you need extra powers (implying it doesn’t matter how intelligent you are) to be successful. And sheep without heads? Wierd. You say I shouldn’t judge, but then you do precisely that…

The problem is that we, as consumers, are suceptible to being cheated in spite of intelligence. That doesn’t mean I think everyone needs more intelligence, or that people aren’t smart enough.

The odds, without rules and regulation, are historically stacked against consumers because we are so suceptible as individuals to all kinds of fraud, deceptive and unfair practices, etc. regardless of how intelligent we are. And even if we are smart enough to figure everything out perfectly, we still do not always have the power or resources to alert others in time (or convincingly enough) to avert a major catastrophe.

Alas, if you documented the behavior of healthy functioning markets, and then tried to imitate them in real life, I’m certain you would quickly discover how many important (security) controls have to be in place to prevent abuse, whether they be implicit or explicit.

From a risk management view, if you can assign a specific value to your privacy then you need to know what threats exist (likelihood of invasion) and how vulnerable you are (severity). It doesn’t do you much good to just hope that the threats will never materialize.

Davi Ottenheimer March 12, 2006 2:01 AM

“Apparently you never bought anything with a warranty. If you want profits, you keep your word.”

Heh heh, funny and rather timely example. Those generous warranties and return policies are subject to abuse, which cuts into profits:

http://news.bbc.co.uk/2/hi/americas/4797400.stm

“US President George W Bush’s former political adviser has been charged with stealing more than $5,000 (£2,900) from department stores.
[…]
The scam allegedly involved Mr Allen claiming refunds for merchandise that he did not buy.”

Engberg March 13, 2006 11:23 AM

@damon
“David Brin’s Transparent Society has a partial answer for this trend: transparent surveillance. If everyone has access to the data and unforgeable logs are kept, then oversight is possible.”

David Brin is wrong – fake transparancy is the only conquence. Criminals and the powerful can always shield themselves.

@ Bruce Schneir
“There really is no way to deal with this privacy problem without laws protecting it as a right. The market can’t solve this problem, because the market mechanics are what create it.”

Well, Bruce. Even though you are certainly right that markets have shown unablw to solve the problem, regulations sofar hasnt done a better job.

I do agree, that loss of privacy is far from a done deal. We may very likely have much MORE privacy in the future as digital technology can help us protect where we couldnt in the physical world.

But we have to face the fact, that Trusted Third Parties do not exist. If they are not trustworthy by design, they cannot be trusted. Criminals can do everything, government can do – Ask the Greek Prime Minister, that had his mobile phone wiretapped by unkown using the build-in wiretapping features.

Regulation and government is both needed and the biggest obstacles to solving these problems.

In my view, the future may likely show you wrong. If you get the business models right, the market is by far and probably both the only and the best way to ensure solutions to basic security needs.

Pat Cahalan March 13, 2006 12:45 PM

I’ve brought this up before on other threads, but I dispute the accuracy of this statement:

Even though you are certainly right that markets have shown unable to
solve the problem, regulations sofar hasnt done a better job.

This statement, or variations of it, is often used as a defense of unregulated free markets.

The problem is that regulation is a process, not a digital switch. There are obviously problems with regulating an industry. We have many examples of regulation leading to unwanted or unexpected behavior on the part of a market force or an individual commercial entity. Regulations come at a cost, both in the implementation and enforcement end.

But these problems tend to correct themselves over time. Look at the meat packing industry. In the early 20th century you had no regulation and Upton Sinclair’s “The Jungle”. Now you can walk into your average U.S. slaughterhouse and it’s cleaner than your kitchen at home (I know, I worked in one while in college). Over that time there are certainly instances of regulatory abuse or ineffectiveness, but in 100 years the overall situation has improved dramatically.

Regulating the financial community with an eye towards privacy will certainly have unwelcome and unforseen consequences. It will take several decades for meaningful regulations (that can be both followed and enforced) to be crafted that allow reasonable consumer protection and a stable market place for the commercial entities.

Pointing at the transition period and saying, “See, regulation is bad!” is hardly an intellectually honest argument.

People point to the airline deregulation of the 80s and the average ticket price and conclude that deregulation was “good” for the consumer. However, deregulation’s positive effect on price came at a loss of agility for some of the airline carriers, which made it difficult for them to recover from the market impact of 9/11 and caused a net overall negative impact on the economy. Citizens of California raved about deregulation of the power industry when prices dropped immediately following the deregulation, and then howled when the energy shortage led to companies like Enron bilking California consumers.

Unregulated free markets encourage companies to produce a product at the best price for the consumer by increasing competition. However, they also reduce margins in a manner that encourages bad corporate behavior -> if your company lives and dies by the quarterly report, and your competitor is producing an unsafe product and undercutting you, you can either lose business and hope that some liability or bad publicity event will eventually catch up to your competitor, or you can adopt the unsafe practice.

Far too often the result of such a situation is the second behavior. Regulations help stabilize the marketplace because you know your competitors have to follow the same set of guidelines that you do.

Michael Birk March 13, 2006 2:54 PM

@Pat:
Well said, and I agree with you completely.

But the response is as predictable as it is tired. Somebody will say, for instance, that California didn’t experience “real” deregulation. In other words, it was actually government interference that caused the spike in energy prices!

Therefore, by this line of reasoning, the only way to experience the benefits of deregulation is to submit wholly to the idea — to become a True Believer — and literally strike down any and all laws that interfere with the free market. Or, at least, keep hacking away until everything looks okay.

Yes, this is an extreme characterization. But that is my point: the extremists — the True Believers — split every argument into a false dichotomy.

I’m firmly in the middle. I think that some regulation is good, and some is bad? And some applications of technology are good, and some are bad.

Moreover, “good” and “bad” are in the eye of the beholder. One man’s trash is another’s treasure.

Does this mean that I have no beliefs whatsoever? No. But I’m not so foolish as to think that these beliefs should be forced on anyone else.

(Sorry, had to vent.)

quincunx March 13, 2006 8:46 PM

@Davi
“And sheep without heads? Wierd. You say I shouldn’t judge, but then you do precisely that…”

I said ‘sheep’ and ‘chickens without heads’. Notice that my judgment did not involve a market transaction. I didn’t judge you on your subjective evaluation of a given product. That’s what we were talking about, remember?

“The odds, without rules and regulation, are historically stacked against consumers because we are so suceptible as individuals to all kinds of fraud, deceptive and unfair practices, etc. regardless of how intelligent we are.

Everyone is a consumer. Even the salesmen that fool you, are just as likely to be fooled when they are acting as consumers.

The market has a great mechanism for dealing with this. You are fooled by someone – YOU don’t buy it again, you tell your friends, you tell anyone, anywhere about your finding. How about the government? When it fools you, deceives you, and treats you immorally do you have choice of not paying for this great service?

Another thing: The concept of “fairness” is subject to so much abuse. For example – some people think that there is such a thing as a ‘fair’ wage, or a ‘fair’ business practice. But no such thing exists – a ‘fair’ wage is what you and your employer agree to, and a ‘fair’ business practice is one that doesn’t involve the use or threat of force. Typically, a ‘fair’ business practice is contrued by central planners as being something your competitors can easily follow – i.e. eliminating your ability to penetrate their market [cartelization ].

” And even if we are smart enough to figure everything out perfectly, we still do not always have the power or resources to alert others in time (or convincingly enough) to avert a major catastrophe.”

And government top-down policy eliminates this? Or does it simply add a thick bureaucratic layer to the problem?

People make a living advising what others should do. People are free to consult with anyone about anything. The fact that nothing is perfect does not mean that we need to have a single bad policy.

“Heh heh, funny and rather timely example. Those generous warranties and return policies are subject to abuse, which cuts into profits:”

Because we all know anecdotes prove that the government must solve a business problem?

I don’t understand the nature of your point. An ex-politician stole stuff from a store, and this is different from taxation?

You don’t seem to realize how the market works. There is no magic rate of profit. The warranty service will be provided as long as profits can be made as long and as competitors are doing the same.

@Pat

“Look at the meat packing industry. In the early 20th century you had no regulation and Upton Sinclair’s “The Jungle””

You actually believe Upton Sinclair’s the jungle? There have been much better and honest books (without BIAS) that describe the state of this industry. Of course they are never pointed out in school. Because honesty has never been a match for cheap populism.

Remember the good old days of horse shit all over the streets? It’s a good thing we had laws passed prohibiting horses on the street!

“Now you can walk into your average U.S. slaughterhouse and it’s cleaner than your kitchen at home (I know, I worked in one while in college). Over that time there are certainly instances of regulatory abuse or ineffectiveness, but in 100 years the overall situation has improved dramatically.”

Your argument suffers the same logical fallacy of post hoc ergo procter hoc that plagues most historians. Regulations are not the reason we have much better standards today.

By creating more capital per head (capitalism) we raise the standard of living – such that we can no longer tolerate our past styles of production. What REGULATION can do is prematurely do something – in such a way that those who do not immediately adjust go bankrupt – reducing competition [cartelizing].

“Regulating the financial community with an eye towards privacy will certainly have unwelcome and unforseen consequences.”

No kidding – it’s Fascism.

“However, deregulation’s positive effect on price came at a loss of agility for some of the airline carriers, which made it difficult for them to recover from the market impact of 9/11 and caused a net overall negative impact on the economy”

Logical fallacies a foot. The loss of agility came after an artificial barrier was removed. A previously guaranteed inefficient tax-subsidized
industry had to make an adjustment. To think that bad policies should never be reversed is to advocate the constant growth of government.

9/11 was a result of past government intervention in foreign affairs. The airlines played no role. In fact considering that airports, air control towers, and security checks are government owned – one can’t say that the industry is totally deregulated. Also the fact there was regulation preventing the airlines from arming (non-ballistic weapons) certainly didn’t mitigate the problem.

And don’t worry about the airlines – they got a nice bailout (25 billion, IIRC).

“California raved about deregulation of the power industry when prices dropped immediately following the deregulation, and then howled when the energy shortage led to companies like Enron bilking California consumers.”

Deregulation? What are you smoking? Deregulation means NO REGULATION at all – what happened was regulation. Prices were not free to fluctuate to meet consumer demand. Price ceilings were still imposed – making it a financial loss for out-of-state providers to sell it to local California suppliers.

“However, they also reduce margins in a manner that encourages bad corporate behavior -> if your company lives and dies by the quarterly report, and your competitor is producing an unsafe product and undercutting you, you can either lose business and hope that some liability or bad publicity event will eventually catch up to your competitor, or you can adopt the unsafe practice.”

What about the critics? The magazines, reviews, etc? Are they sleeping at the wheel? You can’t sell a genuinely crappy product repeatedly and expect to not lose profits. Why make the assumption that there is only one other competitor?

“Far too often the result of such a situation is the second behavior. Regulations help stabilize the marketplace because you know your competitors have to follow the same set of guidelines that you do.”

The crux – cartelization is good? This argument first appeared in the 1930’s with the National Industrial Recovery Act (later found Unconstitutional, but still log rolled into another Act). Businesses were allowed to create their own codes of conduct – and these were typically done by the biggest corporations. The purpose? To raise barriers to entry. They tried to dismantle the very mechanism that would allow a new market entrant to compete with them. In sum: they hated any business practice that they had trouble competing with. And then we have today…

“Therefore, by this line of reasoning, the only way to experience the benefits of deregulation is to submit wholly to the idea — to become a True Believer — and literally strike down any and all laws that interfere with the free market. Or, at least, keep hacking away until everything looks okay.”

Declaration of Independence ring a bell?

“Does this mean that I have no beliefs whatsoever? No. But I’m not so foolish as to think that these beliefs should be forced on anyone else.”

But some of these beliefs are forced onto others! I can accept a valid point of view that you do not want to either eliminate laws or create new ones – but such a position is a weak one – for it does not accomplish your objective.

Michael Birk March 13, 2006 10:11 PM

@quincunx:
“Declaration of Independence ring a bell?”

Get some manners. This is one of the reasons I’m not going to “debate” with you.

However, thanks for proving my point about deregulation in California.

Pat Cahalan March 14, 2006 1:12 PM

@ quincunx

This is digressing off of security and into economic theory, but I’ll follow up on your last post…

You actually believe Upton Sinclair’s the jungle?

It is a work of fiction, sure.

However, since I’ve been of employable age, I’ve worked for various retail outlets, financial institutions, engineering corporations, educational institutions, food preparation facilities, and a couple of other jobs. In every one of those industries I’ve directly experienced managerial decisions that bypassed safety, quality, or reliability for the sake of short term profit.

No exceptions based upon industry.

However, I’ve found (again from my experience) that those facilities that were subject to regulation and regular oversight had far fewer poor decisions made, and those poor decisions were usually those with a very small potential negative impact.

Remember the good old days of horse shit all over the streets? It’s a good
thing we had laws passed prohibiting horses on the street!

I don’t have the inclination to research city ordinance regarding animal transportation and nuisance produced thereby, and to tell you the truth I have no idea what you’re trying to say here.

I’m going to guess that you’re saying, “We don’t need to pass regulations to prevent horses from defecating on streets, because horses are inevitably removed from the “market” of transportation options by automobiles.” The centuries of horse drawn transportation vs the decades of automobiles isn’t an issue? Rather than take any steps to enforce a change that benefits the community, we have to wait for the market to provide an alternative? That a community actually provides a disservice to itself by manipulating the market to incent innovation in a particular direction?

Your argument suffers the same logical fallacy of post hoc ergo procter
hoc that plagues most historians. Regulations are not the reason we have
much better standards today.

This only qualifies as a post hoc argument if there is no causality between regulation and better standards. A post hoc ergo procter hoc fallacy, properly, is “A occurs before B, therefore A is the cause of B”. While you can debate the degree of causality between “regulation imposition” and “better standards”, there is obviously a non-trivial degree of causality between one and the other. To dismiss regulation as having no effect whatsoever on standards is hardly defensible.

I agree that regulations are not the sole reason that we have better standards today. I agree that it may be possible that regulations have lower impact in the long run upon standards than economic forces -> it is difficult to prove one way or the other in the long run, and depends largely upon the industry, the product, the effective life of the product, possible other consequences of the product on the economy, and the disposition of the product after its end-of-life.

My experience of human nature leads me to believe pure market forces are unreliable as sole enforcers of quality, but the utter lack of a proper test case means that is a belief, not a logically robust position.

However, I also think it is difficult for anyone to propose that economic factors are the sole reason that we have better standards today. Your iron resolve on this position, when you have as little basis for iron resolve as I do (lacking definitive evidence supporting your position), leads me to conclude that this will not be a progressive discussion.

“Regulating the financial community with an eye towards privacy will
certainly have unwelcome and unforseen consequences.”

No kidding – it’s Fascism.

Definition of cap-F “Facism” : a political philosophy, movement, or regime (as that of the Fascisti) that exalts nation and often race above the individual and that stands for a centralized autocratic government headed by a dictatorial leader, severe economic and social regimentation, and forcible suppression of opposition (from Merriam Webster).

Your use of the word “Fascim” is improper.

“However, deregulation’s positive effect on price came at a loss of agility
for some of the airline carriers

Logical fallacies a foot. The loss of agility came after an artificial barrier
was removed.

Perhaps you were confused, this is precisely my point. The airline industry was regulated, which provided a structure for the various carriers to interoperate (of course, there are inefficiences here, I’m not debating that).

Regulation is removed/lessened. Smaller carriers can compete better. The flexibility of the smaller carrier allows them to undercut the larger carriers in some markets. To adapt, the larger carriers have to make concessions in pricing before the larger carrier’s business model can adapt (it is less agile). Major market imposition occurs (9/11) affecting frequency of travel.

The smaller carrier can adapt to the major market imposition, being more agile. The larger carrier cannot (already attempting to adapt to the injection of the smaller carriers into some of its markets), and gets into financial trouble.

The loss comes at the “periphery” of service. Larger carriers need to drop less profitable services (such as some international lines). Thus the market imposition does not affect the “average” consumer (a domestic traveller who doesn’t care about frills), but severely impacts the “non-average” consumer, as services that are less profitable are eliminated for the larger carriers to adapt.

I don’t travel internationally, but I know it is much more expensive and difficult to arrange now. Is this worth the price savings of someone flying from San Francisco to Los Angeles from $189 to $89? I’m not qualified to judge the impact on the overall affects on the nation’s economy. It’s certainly nicer for the “average” consumer.

What about the critics? The magazines, reviews, etc? Are they
sleeping at the wheel?

They may be sleeping at the wheel. They may be influnced by their own particular market (hypothetical example, PC Magazine may be influnced by the ad revenue generated by Dell not to provide accurate reviews of Dell, if the ad money paid by Dell more than makes up for any loss of readership they may have from buyers of a particular bad Dell model). They may be prevented by non-disclosure agreements, threat of legal action, or some other method from acting upon information that the consumer should have.

You can’t sell a genuinely crappy product repeatedly
and expect to not lose profits.

There are so many instances of this being untrue that I don’t know where to start. Define “crappy product”. If I sell something that has unintended consequences for the consumer, but it provides the initial functionality desired, is it crappy? Is junk food crappy? Cigarettes? How about defective motorcycle helmets? If I sell 10,000 and make $100 on each one and take off to Aruba before someone dies, I’ve made the money and vanished. The crappiness of my product isn’t discovered until it is too late -> the buyers have no recourse.

Or a nuclear waste disposal plant… if they can dump their junk in some landfill where the results of the leakage won’t be discovered for forty years (long after the current management will be retired and gone, and the company may be dissolved), well, that’s just tough bananas for the bedroom community with a cancer or birth defect rate 50 times the nation’s average? “They should have moved somewhere else, even if they didn’t know about the danger, that’s their fault for not being able to afford to live in Bel Air?”

Sorry, I’m digressing.

Businesses were allowed to create their own codes of conduct – and these
were typically done by the biggest corporations. The purpose? To raise
barriers to entry.

That’s hardly good regulation, and I would not recommend allowing industries to write their own rules for just this reason. Allowing an industry to police itself is idiocy.

There are bad ways to regulate, that doesn’t make all regulation bad, or the lack of any regulation good.

Davi Ottenheimer March 15, 2006 2:12 AM

“You don’t seem to realize how the market works.”

The market? Which market are you referring to here?

“When it fools you, deceives you, and treats you immorally do you have choice of not paying for this great service?”

Um, I hate to be the one to break this to you but when something fools or deceives you, you do not have a choice. That’s the problem. You are fooled, get it? You think you’ve already chosen the right path…

Ok, so maybe you eventually figure out that you are being duped, but how much later before it is too late to recover? Howabout “Enron later” ($60 billion or more in losses) when many people are left with NO money left to make a choice with? What then?

“The concept of “fairness” is subject to so much abuse. For example – some people think that there is such a thing as a ‘fair’ wage, or a ‘fair’ business practice. But no such thing exists – a ‘fair’ wage is what you and your employer agree to, and a ‘fair’ business practice is one that doesn’t involve the use or threat of force.”

Well, there you have it. It seems you’re pro-regulation now. That’s what happens when we all have to agree to work with something that doesn’t exist. We eventually end up trying to define what/how fairness can exist. In other words, we come back to differing philosophical axioms that are rendered incompatible without a system of controls and regulation, preferably with some independence…

Davi Ottenheimer March 16, 2006 11:28 AM

Well, this thread is probably long dead, but I just couldn’t resist a segue to the a rather silly report by the Register on consumer habits and associated risk/costs:

http://www.theregister.co.uk/2006/03/16/pleasure_ruining_the_world/page2.html

“Ah, but we are weak creatures, much given to human frailties, foibles, and vain desires. Our tendency to enjoy tobacco costs us $167bn per year in health costs and lost productivity. And mere second-hand smoke costs $10bn more.

Our penchant for alcoholic drink, a nourishing indulgence without which civilization itself would be impossible, robs us of $185bn in health costs and lost productivity. That alcohol also gave us the most important thinkers in human history should be a bonus, but as no one has bothered to calculate the monetary benefits to society of their various contributions, we remain unable to challenge these data. We’ve got to accept the loss.

Fast foods, and overeating in general, are a major problem that cost us $13bn in lost productivity, and $102bn in additional health costs. No word on the social windfall from all those McJobs keeping the illiterate busy.

Meat consumption, Puritanical psychotics want us to know, costs $1 trillion in medical expenses. But we’re rejecting that outrageous bit of lunacy in favor of some barely-less outrageous lunacy, and are calculating the price at $61.4bn in medical costs.

Gambling is draining us too, but we need not calculate the actual sums wasted at the tables because, as the Grateful Dead observed, “one man gathers what another man spills,” and no place better illustrates this postulate than the casino. Vegas losers create hundreds of thousands of decent jobs, and vast profits for casino stakeholders and shareholders. So we’ll calculate only the downside of gambling: the bankruptcies, suicides, thefts, and frauds perpetrated by the newly-destitute, which comes in at a cheerful $54bn. A bargain if ever there was one.”

CommonMan March 16, 2006 6:25 PM

Perhaps you’ve already addressed this but if not – I’d appreciate your thoughts on why privacy matters. It’s not as simple as “I just feel it’s an important thing.” I personally feel that it would change the nature of who we are as creatures if we were to lose all sense of privacy. It might also stifle innovation, creativity, and of course democracy!

My point is: it’s not sufficient to rant about the loss of privacy without defending the need for privacy. I believe privacy is fundamental and more people need to really understand that and really understand why.

Thanks.

Anonymous March 17, 2006 11:44 PM

@Davi:

“Well, there you have it. It seems you’re pro-regulation now. That’s what happens when we all have to agree to work with something that doesn’t exist. We eventually end up trying to define what/how fairness can existWell, there you have it. It seems you’re pro-regulation now. That’s what happens when we all have to agree to work with something that doesn’t exist. We eventually end up trying to define what/how fairness can exist.”

What? I say fairness is what two people agree to, and you call that regulation?

“Um, I hate to be the one to break this to you but when something fools or deceives you, you do not have a choice. That’s the problem. You are fooled, get it? You think you’ve already chosen the right path…”

Uhm, read what I wrote. I was talking about the gov.

“Howabout “Enron later” ($60 billion or more in losses) when many people are left with NO money left to make a choice with? What then?”

How about central bank earlier? You act as if there is no causal link between central bank coordinated credit expansion and severe market disturbances – after which the gov will find any business to whack a stick at. Distracting you from the real cause of financial crises.

I love that last part. Like the devalued stock holders were forced at the point of a gun to invest their money in a given company. HELLO!
That is what happens in a central bank created boom-bust cycle. The last stockholder are left holding the bag. Of course they are going to be bitter. Just like the gambler that lost his pot.

@Pat:
“That’s hardly good regulation, and I would not recommend allowing industries to write their own rules for just this reason. Allowing an industry to police itself is idiocy.”

And yet it pretty much goes on today..albeit in a different form.

“There are bad ways to regulate, that doesn’t make all regulation bad, or the lack of any regulation good.”

The only good way to regulate is to use social forces, not compulsory top-down forces.

” If I sell something that has unintended consequences for the consumer, but it provides the initial functionality desired, ”

So? If you sell a car and it explodes and kills the passengers, should the government then procede to regulate the car selling business? Private owners need a car-selling license?

“Is junk food crappy? ”

People make deliberate choices to eat junk food. Should we tax and regulate that too?

“Cigarettes? ”

Again, people make CHOICES.

“How about defective motorcycle helmets? If I sell 10,000 and make $100 on each one and take off to Aruba before someone dies, I’ve made the money and vanished. ”

That’s the funniest one. Why would people buy helmets from a no-name guy that hasn’t been reviewed or well advertised? The only way you could entice them to buy from you is buy attracting them with MUCH LOWER prices. Which will severely cut into your profit margins.

Do you know the typical profit margin for motorcycle helmets? I certainly don’t. But I would say it’s less than 5%, being that it is a common and old market, and motorcycle driving has not increased dramatically. So you can’t just make up numbers – and say that this guy is robbing you blind and going away.

“They may be sleeping at the wheel. They may be influnced by their own particular market (hypothetical example, PC Magazine may be influnced by the ad revenue generated by Dell not to provide accurate reviews of Dell, if the ad money paid by Dell more than makes up for any loss of readership they may have from buyers of a particular bad Dell model). They may be prevented by non-disclosure agreements, threat of legal action, or some other method from acting upon information that the consumer should have.”

And the political realm is different? If PC Magazine sucks, maybe Maximum PC is better. Or the Internet for bloody sake. Why do you have to come up with stupid anecdotes that implicate the market – but cannot see that the same criticism applies to the government as well! – Except there you have no choice!

“Thus the market imposition does not affect the “average” consumer (a domestic traveler who doesn’t care about frills), but severely impacts the “non-average” consumer, as services that are less profitable are eliminated for the larger carriers to adapt.”

So? People and business adapt all the time. Do you need to be explained how technology or exogenous shocks (like government provoked terrorism, natural disaster, etc.) changes the market and causes people and businesses to adapt.

“However, I also think it is difficult for anyone to propose that economic factors are the sole reason that we have better standards today. Your iron resolve on this position, when you have as little basis for iron resolve as I do (lacking definitive evidence supporting your position), leads me to conclude that this will not be a progressive discussion.”

Ah, so private property and it’s thus corresponding increasing capital per head doesn’t make everyone better off?
Things just kinda happen by some mystical force?

All I’ve got is 250+ years of economic theory (the proper one) and 4000+ years of history of private property and it’s plunder by governments. What have you got?

“My experience of human nature leads me to believe pure market forces are unreliable as sole enforcers of quality, but the utter lack of a proper test case means that is a belief, not a logically robust position.”

Your experience is a mixed market economy. The problems you see is already the result of previous intervention.

” Rather than take any steps to enforce a change that benefits the community, we have to wait for the market to provide an alternative? That a community actually provides a disservice to itself by manipulating the market to incent innovation in a particular direction?”

You see? You are use one indicator for your judgment. You see this one problem and ignore the fact that people had CHOICES. People are always choosing among alternatives.

The ‘Change’ requires people to PAY for it. You get it? NO free lunch. The fact that people didn’t shows that they valued something else more than having perfectly shitless streets.

What if your beloved local or state government made it a ‘virtue’ by mandating that all cars and all house exteriors must be cleaned and rinsed every so often. Sure it would probably make a pretty cool neighborhood, but would you be happy spending YOUR money on such a thing – as opposed to other things that satisfy your material well-being?

Every such mandate may produce SEEN results – the poor economic mind will never wonder about that which is UNSEEN.

“However, since I’ve been of employable age, I’ve worked for various retail outlets, financial institutions, engineering corporations, educational institutions, food preparation facilities, and a couple of other jobs. In every one of those industries I’ve directly experienced managerial decisions that bypassed safety, quality, or reliability for the sake of short term profit.”

So? Your tax money pays for regulation. Instead of paying normal price (cost + profit) you pay:
cost + profit + seller regulatory overhead + government regulatory agency (via taxes).

It’s kinda funny. You see this happen even though the regulation is already in place – but not severely enforced. Guess what? The stricter it is enforced the higher the price the good will be – the more likely you are to go buy stuff in a gray market – where regulation can’t follow it. In fact that’s probably the place you worked.

Another thing: The farmer can reap short-term profits by over grazing on HIS private land, but would such a thing be a wise thing to do? NO, that’s why he will seek government leased public land!

“This is digressing off of security and into economic theory, but I’ll follow up on your last post…”

Economic theory works best where there is freedom, and where there is freedom there is security – so they are not un-related.

@Birk:
“However, thanks for proving my point about deregulation in California.”

Hey, I call it like it is. I use facts. When something is not regulated – government is not involved. Unless you think having China allow 2 children is somehow a deregulation.

“Get some manners. This is one of the reasons I’m not going to “debate” with you.”

Hey, you want problems solved – I’ve got the solutions. You don’t want the problems solved – then hey, go ahead! Keep dreaming.

Anonymous March 18, 2006 12:20 AM

” The crappiness of my product isn’t discovered until it is too late -> the buyers have no recourse.”

I see. So governments can provide and/or regulate products in such a way as to insure that no accidents ever happen. They are omniscient, omnipotent, and omnipresent and they do it for free too, right?

Hmm, that’s kinda funny, because when they ban things like DDT, which directly causes 50+ millions of deaths – the dead have a recourse? Right?

When you are coercively forced to pay the government for services you do not want – and for services that fuck you over – you have a recourse, right?

Don’t hand over ‘Privacy’ to the gov, you will get less Privacy at the highest monopoly price – good & hard.

Seriously, I don’t understand why people aren’t getting it?

A government is nothing more than an agency with a monopoly on force in a given territory.

“If I had to use a single word to describe what is fundamentally wrong with government today, I would use the word fraud. Certainly nowadays – perhaps in every age – government is not what it claims to be (competent, protective, and just), and it is what it claims not to be (bungling, menacing, and unjust).

In actuality, it is a vast web of deceit and humbug, and not for a good purpose, either. Indeed, its true purposes are as reprehensible as its noble claims are false.

Its stock in trade is pretense. The velvet glove of its countless claims of benevolence scarcely conceals its iron fist of violence and threats of more violence. It wants to be loved, but it will settle for being feared. The one thing it will not do is simply leave us alone.” – Robert Higgs

Michael Birk March 19, 2006 6:16 PM

@quincunx:
“Hey, you want problems solved – I’ve got the solutions. You don’t want the problems solved – then hey, go ahead! Keep dreaming.”

That’s all well and good, but asking whether the Declaration of Independence “rings a bell” is plainly insulting. And, as I highlighted earlier, it’s not the first time you relied on such a “technique.”

Moreover, if the Declaration of Independence is your idea of “deregulation,” then I was correct in my initial assessment. Your “solution” to our current problems with respect to privacy (and everything else) is bloody revolution.

And I’m the one who’s dreaming?

Pat Cahalan March 19, 2006 10:23 PM

@ Anonymous/quincunx

I’m sorry, I just don’t subscribe to your underlying premise that the aggregate power of the consumer is the sole dominating factor in quality in a free market. Free market capitalism, in my opinion, ignores the effects of several types of human behavior that have adverse impact on the market.

Most free market capitalists I’ve had these sorts of discussions with fall back on a common premise of judging that a mob of self interested consumers is more trustworthy than any sort of government. I agree that government can be dodgy, and I’m hardly a fan of institutionalized malfeasance, but I find the commons to be as frightening a force as an overempowered big brother. Moreover, the commons has very little view of the bigger picture, and the complexities of the modern economy can make it so that a trend of behavior can have severe negative consequences in certain types of disaster scenarios.

You seem to trust business more than the government. Or citizens more than the government. I distrust them all more or less equally, albeit for different reasons 🙂

quincunx March 20, 2006 6:59 PM

” Your “solution” to our current problems with respect to privacy (and everything else) is bloody revolution.”

An intellectual revolution, not a physical one. Physical ones just tend to replace the heads of state.

How about just Seccession?

” Your “solution” to our current problems with respect to privacy (and everything else) is bloody revolution.”

And your solution is: meaningless words.

“Free market capitalism, in my opinion, ignores the effects of several types of human behavior that have adverse impact on the market.”

Huh? This one is hard to follow, here’s what I’m reading: People engaged in voluntary exchange ignores the effects of the participants in this exchange which has an impact on the ability for those further exchange by these participants.

And the solution is to impose an involuntary exchange based on coercion and compulsion – because that will surely eliminate the effects of human behavior?

“Most free market capitalists I’ve had these sorts of discussions with fall back on a common premise of judging that a mob of self interested consumers is more trustworthy than any sort of government.”

People engaged in voluntary exchange is considered a mob?

What the hell do you mean by “trustworthy”? – Of course consumer’s self interest is more trustworthy in accomplishing consumer self-interest. How the hell can you have happy people if you need to force them to pay some group of people (who are likewise consumers), that have the diametrically opposite incentive to loot as much from you as possible?

“Moreover, the commons has very little view of the bigger picture, and the complexities of the modern economy can make it so that a trend of behavior can have severe negative consequences in certain types of disaster scenarios.”

The Internet does not make you see the bigger picture? We need to have a central-net?

That’s just pure rubbish. The modern economy exists precisely because it’s participants are free to engage in that which benefits them. It is the market – NOT GOVERNMENTS – that allow civilizations to prosper.

The price system (if not hampered) directs resources to where they are needed most – that is why profits/losses are good. They are signals. People respond to them – disaster is overted. The price-system is precisely how enormous amounts of people can cooperate.

Governments on the other hand – rob the market system – and hampers it excessively. They march under the banner of private property protectors – but they fund themselves by violating it in the first place. Name me a program and I will tell you it’s resultant damage, or name me something good that it did – and I will show you the market was going there anyway, in a timely and efficient manner.

What disasters are you talking about? The only real disasters that exist are natural and state-created ones.

If you actually want to learn the truth – you must abandon nearly all the crap you were taught in PUBLIC school. Yes, I know it’s tough (took me years), but if truth is something you seek – it is an effort worth engaging in. Mere opinion means nothing.

“You seem to trust business more than the government. Or citizens more than the government. I distrust them all more or less equally, albeit for different reasons :)”

You are just throwing ‘aggregate’ groups like it has any meaning. In reality-land there is only people.

Trust in anything is not an absolute, but I trust people and voluntary aggregates of people engaging in non-violent exchange, as opposed to parasites that steal from you in the name of justice.

Pat Cahalan March 20, 2006 10:25 PM

People engaged in voluntary exchange ignores the effects of the participants in
this exchange which has an impact on the ability for those further exchange by
these participants.

Close. Imagine a market for a product P. There are N customers interested in this product. In order for a competitor to make a profit in this market, they must introduce a competing product P’ that will attract N-M for some M. In other words, they have to be able to attract enough customers to turn a profit, or they won’t attempt to infiltrate the market.

If I’m the company producing the original product, then, all I have to do is make sure that my product is good enough to retain N-M+1 customers, and a competitor cannot infiltrate my market. The difference between M+1 and N is a trapped customer base -> they need my product P, would prefer P’, but have no ability to acquire it.

In a real way, a completely free market can stifle innovation, because of this barrier to market penetration -> a competitor can’t just produce something “better”, they have to produce something “better enough” to overcome the market presence of the first company. Brand recognition itself can be a remarkable barrier to entry, regardless of the quality of the product.

And the solution is to impose an involuntary exchange based on coercion
and compulsion – because that will surely eliminate the effects of human
behavior?

Of course it won’t eliminate the effects of human behavior. It can mitigate those effects, however.

The Internet does not make you see the bigger picture? We need to have a
central-net?

Er, I hate to break this to you, but the Internet is a collection of central-nets, each controlled by a set of regulations imposed by the LAN administrator. Very few organizations have “free market networks”. I know I certainly can’t occupy the entire external connection on my LAN here, and I’m in one of the least monitored environments in the world.

The price system (if not hampered) directs resources to where they are
needed most

So there is no free rider problem?

What disasters are you talking about?

Oh, tsunamis, hurricanes, earthquakes, war, famine, plague, anything that can suddenly cause a paucity of resources compared to normal operation of the market. Price gouging isn’t a problem in a free market?

I suppose we’re going to have to just agree to disagree here.

quincunx March 21, 2006 5:09 PM

“In a real way, a completely free market can stifle innovation, because of this barrier to market penetration -> a competitor can’t just produce something “better”, they have to produce something “better enough” to overcome the market presence of the first company. Brand recognition itself can be a remarkable barrier to entry, regardless of the quality of the product.”

What are you smoking?

Free market stifles innovation? You got it exactly backwards. Government imposed monopolies, franchises, tax structures, minimum wage laws, labor unions, regulations, zoning, subsidies, obligatory social insurance charges, occupation licensing, etc. is what stifles innovation. The free market is the only thing that CAN produce innovation sufficiently, efficiently and in a consitant sustainable way. Political plunder in the name of the “public” actually has the very opposite effect of that which was intended.

New entrants indeed need to induce consumers to switch to their products – and this can include advertising, under-cutting, promotions, or unique value added services – NOW tell me genius – how is this bad for consumers (who are part of the free market)?

Although you might think it is such a challenge – it does happen all the time! New businesses get into the market, and old ones are forgotten. There was a time when Montgomery Ward, Woolworths, Sears, JC Penney, A&P, White Castle, etc. were the shit.

What the hell is “better” as opposed to “better enough”? There is no individual that can predict the future market perfectly – they can’t just dump billions of dollars into a new product, without first testing it. Businesses, have to use THEIR money to make decisions, compare this to the gov – which can only make bad, but visible decisions at your expense.

“Of course it won’t eliminate the effects of human behavior. It can mitigate those effects, however.”

You are obviously in denial. How can violence mitigate the effects of peaceful and voluntary exchange?

You have not accepted my challenge of naming a gov program that works! (see above for details).

“Er, I hate to break this to you, but the Internet is a collection of central-nets, each controlled by a set of regulations imposed by the LAN administrator. Very few organizations have “free market networks”. I know I certainly can’t occupy the entire external connection on my LAN here, and I’m in one of the least monitored environments in the world.”

Ah, so you are going to sink so low as to argue a technicality. Yes it is composed of end-to-end intranets, good job, but what is your point?

The internet is still free market in relation to the individual or enterprise entities that comprise it. The only things that are shared are done so voluntarily. You certainly have control over your home internet connection, and you certainly are free to use your work computer to the limits of your working contract. No one says you have to work there.

“So there is no free rider problem?”

Ah, the classic free-rider strawman. I’ve always thought this was the funniest thing ever. First of all it is not a serious problem if all private property is respected. Because we have lost this, historically, it has been ever more present.

The fact is: you can NOT get rid of it, it will always exist, but it can be reduced. It is hard to see how you can use government violence to reduce benefits or losses to accrue to third parties. I’ll provide you a few examples to show you how ridiculous it is if you follow the free-rider logic:

You build a beautiful park on your PRIVATE land, and you charge people for parking + time spent in park. The houses around the park have now gained considerable value. So now, should these home owners be taxed, and the park owner subsidized?

You own a movie theater, and you sold only 90% of the tickets for a show. So now, should you be forced to let people in for free, just to fill it up to capacity?

You own a business, a competitor comes to town. The people show that they prefer the competitor by their money-spending action. Should the better competitor be taxed, and the loser be subsidize? You see where this goes?

The free-rider ‘problem’ is nothing but a ex post facto rationale for
the expansion of state power in the first place. Which is exactly why it was ‘invented’ during the Progressive Era, by government subsidized economists.

Also, a funny thing to note: because you can enjoy the benefits of open source, without contributing much to it, the free-rider logic would lead you to conclude that open source must be subsidized and regulated. Hardly an act that would create innovation.

“Price gouging isn’t a problem in a free market?”

Well if you actually understood how the market works you wouldn’t feel that way. I will argue this on two grounds: economic and moral.

Economic: Draw a supply curve, draw a demand curve, draw a horizontal line below the meeting point of the S+D curves indicating a price set by the threat of government violence. You will quickly see that such an act will create a shortage. A situation where tsunamis, hurricanes, earthquakes, war, famine, plague, will not only create physical distruction but antisocial first-come-first-serve or most-force-first serve behavior. This is hardly what anyone wants. The price is a signal, if it cannot be adjusted, the only reason people will help is out of pure benevolence. Benevolence is good, but hardly the only motivator for humans. By having higher prices, a signal is sent out to all those that want to come in and compete – thereby increasing the supply and reducing the prices.
This situation breeds social cooperation, no one has to engage in violence and other zero-sum transfers to be able to get what they want.

You may think that the market is slow to respond, but you are dead wrong. A lot of market participants are always seeking a profit opportunity – they will get off their ass and go help when they look at the stock market, read newspapers, browse the ‘net, and other sources of information. Not only does this happen, but market participants are also constantly predicting the future of the market – and will invest accordingly.

Note how gas prices rose right before Katrina. An economically illiterate person would think that this is a punishable evil. But it had to rise, because gas companies needed to ‘price gouge’ in order to repair the damage. Which they are still doing, as well as repaying some debts with their evil ‘excess profits’. Now who is going to repair their refineries purely out of benevolence? Also, in regard to the ‘excess profit’ charge against the oil companies, they made 12 cents/gallong instread of their usual 8 cents/gallon, while the government makes 30-50 cents/gallon, so who the fuck is price gouging?

Also, in regard to Katrina, the low number of people left in the wake of Katrina caused the demand for labor to rise to 25$/hr for any person willing to provide businesses with cleanup help. Any guess what? A lot of people found that quickly attractive.

Moral: What right do you have to the property of someone else? The only fair price is that which two parties agree to. You can’t pull up to a gas station and demand they sell you for the price you want. They got bills to pay and new expensive oil to buy.

Imagine a situation where you are trying to sell an old used car for $2000, the government imposes a maximum price of $500 (for your car). You might want to change your mind: Selling it for $2000 is worth it, but for $500 you’d rather keep it and really run it into the ground. You lose out, and the person that would have bought it also loses out. A shortage has been created for your type of car – artificially!

“I suppose we’re going to have to just agree to disagree here.”

No. Understand what you are talking about, read up on the principles, the facts, and then you will agree with me. I would have agreed with you years ago, had I stayed ignorant.

‘Price Controls’ are just about the oldest economic evils in society. Look troughout history and you will see that ignorant hatred of ‘price gouging’ only leads to economic and social ruin to any civilization that attempts to practice it.

Pat Cahalan March 21, 2006 7:10 PM

@ quincunx

Last post on this topic here, although I’ll continue this discussion elsewhere, if you want to cut out the attacks on my character and the general hostile tone of your side of the argument:

PC> “In a real way, a completely free market can stifle innovation,
PC> because of this barrier to market penetration

Q> What are you smoking?

Was my example unclear? Or do you just dispute the premise? If you do, that’s fine. That doesn’t mean that my example doesn’t hold water. If you don’t think barriers to market entry can stifle innovation, can you explain why? Certainly in the long term barriers to market entry will disappear under the pressure to innovate. However, markets exist in both the short and the long term, no?

I don’t disagree that many of the things you point out can have negative effects on innovation (taxes, regulations, zoning). I am a little suprised that you consider unions to be in the same catagory as regulations… if two or more competitors can get together and decide to manipulate the market (certainly possible in an unregulated market), why can’t two or more workers get together and manipulate the labor market? Is it just unsporting?

Q> New entrants indeed need to induce consumers to switch to their products…
Q> [snip]… Although you might think it is such a challenge – it does happen all
Q> the time!

I don’t dispute that. However, that doesn’t invalidate my point -> in order for the new product to displace the old product enough to enable a profitable business, it has to be attractive to a sizeable enough customer base that can support the product. Functionality, security, quality, etc., are not necessarily enough to guarantee a successful product. There are examples of better products (higher quality, more functionality, more security) losing out to lesser products completely on price (vhs and betamax springs to mind).

You are obviously in denial. How can violence mitigate the effects of
peaceful and voluntary exchange?

Regulations == violence? I don’t follow that premise at all. You’re not turning timecube on me, are you?

You have not accepted my challenge of naming a gov program that works!

Any example I give of a government program “that works” you’re going to discard out of hand, because your definition of “works” is different from mine, obviously. I’ll give it a shot in the name of the same spirit of futility that’s leading to this post:

I would say that the health and safety regulations for the meat packing industry (not including fisheries) “work”. I’ve seen them in effect. I personally believe that the resulting “passed on to the consumer” cost of following those regulations is a net benefit to the consumer, and a net benefit for the society as a whole (much lesser health care costs for ecoli or mad cow infections, etc). It is essentially impossible for me to prove this to you to your satisfaction, I imagine. How do you measure these costs and benefits accurately?

Q> Ah, so you are going to sink so low as to argue a technicality. Yes it is
Q> composed of end-to-end intranets, good job, but what is your point?

Actually, I was getting peeved at the increasingly offensive tone of your posts, the point wasn’t intended to be relevant. I was just pointing out you gave a bad example.

Q> Ah, the classic free-rider strawman… [snip]… First of all it is not a serious
Q> problem if all private property is respected.

IMO, any theory which relies upon a closed system to work is broken. (This is why communism is broken – there is an underlying assumption that all the workers will unite for their common benefit. The theory can’t accomodate a worker population that won’t unite for common benefit).

This is a problem with free market capitalism. You say that the free rider problem isn’t a problem if everyone respects private property. This is like saying computer security isn’t a problem if people don’t try to break in – it is factually correct and totally unrealistic. People (as a class) may or may not respect private property. If you are relying upon people to always be in the set {those who respect private property} as part of your economic theory, your model is rigid and can’t deal with either a population that doesn’t respect private property or a disaster situation that causes people to respect private property less than something else (like the desire to eat).

Q> This situation breeds social cooperation, no one has to engage in
Q> violence and other zero-sum transfers to be able to get what
Q> they want.

So, if prices are always set by two parties, this won’t occur: “You know what, I don’t have enough money and I don’t have any food. You’re asking for an unreasonable sum of money for that loaf of bread, because someone here is going to pay you that to get the bread. Well, I’m going to take this gun here and just take this bread?”

Q> Note how gas prices rose right before Katrina. An economically illiterate
Q> person would think that this is a punishable evil.

Substitute “always a punishable evil” and I’ll agree with you, that’s the response of an economically illiterate person. Moreover I’ll agree that in a great many instances what people may think of as “price gouging” isn’t. However, there are examples of price gouging that aren’t simply a matter of a corporation or industry trying to maintain a sustainable or even reasonably profitable corporate model… instead they are deliberate actions on the part of a corporation (usually one with a monopoly on a given market) using a paucity of supply or control of supply to impose exorbitant pricing schedules. To deny that ignores history. If I’m reading you correctly here:

Q> What right do you have to the property of someone else? The only fair
Q> price is that which two parties agree to.

You don’t consider price gouging to be a problem. Okay, if that’s your stance there’s no way I can convince you otherwise. I happen to think it’s a problem, and moreover it’s a benefit to the overall society to take steps to ensure that it doesn’t occur. You don’t have to agree with me.

Q> Imagine a situation where you are trying to sell an old used car for $2000,
Q> the government imposes a maximum price of $500 (for your car).

Okay, that’s a bad regulation (and an odd example). I reiterate, there are certainly examples of bad regulations.

PC> “I suppose we’re going to have to just agree to disagree here.”

Q> No. Understand what you are talking about, read up on the principles, the
Q> facts, and then you will agree with me. I would have agreed with you years
Q> ago, had I stayed ignorant.

My pointing out that you gave a bad example is “sinking so low”. You disagreeing with me means that I must not read and I’m ignorant. There is no possibility that you may be incorrect.

Okay, if that’s your summary position, I reiterate: I don’t see this discussion progressing any further.

quincunx March 21, 2006 9:21 PM

“Certainly in the long term barriers to market entry will disappear under the pressure to innovate. However, markets exist in both the short and the long term, no?”

Let me see if I understand your argument: Markets stifle innovation, but eventually the stifling process is reversed, and a new market forms that is different but still resistant to innovation.

I’m sorry but that doesn’t make sense. The market is not a thing, it is a process. Thinking only in terms of short or long terms is counterproductive.

” if two or more competitors can get together and decide to manipulate the market (certainly possible in an unregulated market), why can’t two or more workers get together and manipulate the labor market? Is it just unsporting?”

I partially answered this before:

“In the unhampered market – the very incentive to collude (in the effort to maximize profits) is the very incentive that would lead you to cheat on your agreement (in the effort to maximize profits). That is why no cartel exists in an unhampered market for any significant time. Government law is always the explanatory factor of why they last.”

Voluntary labor unions are OK, they just never last for the same reasons as above. Today’s labor unions are the result of coercion, not necessity to the market.

Today’s labor unions are exempt from anti-trust legislation. Labor unions represent people who are forced to be in it. Their primary MO is to raise their wages at the expense of the non-unionized (which is why they must always be a minority of total labor force), and to create barriers to entry in the labor market. They also resist innovation like the plague.

“in order for the new product to displace the old product enough to enable a profitable business, it has to be attractive to a sizeable enough customer base that can support the product.”

What is the goal, dude? Profits are irrelevant to the market size. If you can make a profit providing to a few clients, or customers, then that is all you need.

“There are examples of better products (higher quality, more functionality, more security) losing out to lesser products completely on price (vhs and betamax springs to mind).”

So? there are example of perfectly profitable niche products that cater to only a few people. That doesn’t mean they are not profitable. How can catering to consumer’s eclectic tastes be a market problem?

“Functionality, security, quality, etc., are not necessarily enough to guarantee a successful product.”

Agreed. Which is why I don’t drive a luxury car (even though it’s like the betamax to my vhs). Things like price and opportunity cost must also be considered.

“Regulations == violence? I don’t follow that premise at all. You’re not turning timecube on me, are you?”

Follow this logic: Bureaucrat enforces regulation. You do not comply with regulation. You are fined. You do not pay the fine. You are going to be jailed. You refuse to be jailed … you are shot.

You’re only incentive to pay the fine is not to get jailed or shot.

The same thing goes with taxes. The only reason you follow government laws and not moral laws – is the threat of violence. To say differently is to be in denial.

“I would say that the health and safety regulations for the meat packing industry (not including fisheries) “work”. I’ve seen them in effect.”

I’ve asked you to read what I wrote before. The market was already tending in this direction before. Have you ever heard of Heinz? Yes, he made a fortune, how? He put his name on his products. Not only did he put his name on his products, he also gave it’s origin and other vital stats. He became wealthy.

But the funny part is how he got really wealthy. He took a part in the lobby to create the FDA, why? So that his competitors would struggle hard to compete. He wasn’t an idiot, and he used the political arm to snuff his competitors, rather harshly. This is the reason why you see WalMart lobbying to raise the minimum wage – to inconvenience their competitors.

“IMO, any theory which relies upon a closed system to work is broken.”

Good point. But you misunderstand. When I say respected – I mean legally enforced. That is if all private property was legally enforced, just like it was in the 19th century, the free-rider problem would be mitigated. I listed a bunch of these transferable rights above.

“So, if prices are always set by two parties, this won’t occur: “You know what, I don’t have enough money and I don’t have any food. You’re asking for an unreasonable sum of money for that loaf of bread, because someone here is going to pay you that to get the bread. Well, I’m going to take this gun here and just take this bread?””

Fortunately a fair price is typically the market supply-meats-demand price. And even if you still can’t afford a market good, it’s not as if charity has disappeared , or loans, or barter. Did you even get the point, or are you just nitpicking with anecdotes?

“You don’t consider price gouging to be a problem. Okay, if that’s your stance there’s no way I can convince you otherwise. I happen to think it’s a problem, and moreover it’s a benefit to the overall society to take steps to ensure that it doesn’t occur. You don’t have to agree with me.”

But those steps must entail the threat of violence, or violence itself. I just find that morally reprehensible. Furthermore, what is ‘price gouging’.
If I tell you, “you can by my house for 2 billion dollars”, is that price gouging? In my mind, it’s just me politely saying: NOT FOR SALE.

” instead they are deliberate actions on the part of a corporation (usually one with a monopoly on a given market) using a paucity of supply or control of supply to impose exorbitant pricing schedules.”

There has never been a market- created monopoly in history. Though it is possible, theoretically, competition ensures that it will not. Government is always the reason they can exist. I’ve already pointed out the many ways.

“Okay, that’s a bad regulation (and an odd example). I reiterate, there are certainly examples of bad regulations.”

Agreed. A regulation that means nothing to the market is a good one. A regulation that has a time- limit is a good one. A regulation that is voluntary is a great one.

“You disagreeing with me means that I must not read and I’m ignorant. There is no possibility that you may be incorrect.”

Truth is not subjective, it is objective. We may bicker about ‘personal preferences’ but the facts are laid out for anyone to analyze rationally.

I don’t mean to sound insulting, and even admit for thinking this myself in the past – but having analyzed the facts, rationally – I find that if privacy is so important, it cannot be left up to it’s biggest usurper.

Veritas August 1, 2006 8:57 PM

With all this computing power, can’t we get together and generate so much “noise” that Big Brother’s own computers will choke on it???

I_wont_tell September 6, 2006 9:45 AM

@Bruce
“We can solve this, but it will take laws. The market won’t do it for us.”

Laws loose, technology wins .. always .. ask the turks who didn’t want printing presses.

I_wont_tell September 6, 2006 9:47 AM

@Bruce
“The truth is that the death of privacy is overrated. Just because there are cameras, it doesn’t follow that taking pictures of people naked is inevitable”

Remember Sony Videocam 10 years ago that could take your “naked” pic’s even when you were clothed 🙂

Do you think that technology was “suppressed” and is dead .. I bet it’s better than ever before.

roy September 6, 2006 12:47 PM

I have no confidence in making laws to protect our privacy, as these laws could be violated by botnets automatically, around the clock, around the world. The government, in charge of detecting violations and prosecuting them, would be obvlivious to virtually all of the violations, and practically powerless to stop them.

What we need is the legal right to thwart the invaders of our privacy. This will not happen in my lifetime, since the ability to defeat the bad guys means the ability to stymie the cops.

Incidentally — coincidentally? — the moment I went to this site I received three stealth TCP attacks from 206.16.45.70. I wonder if visitors are being spied on routinely.

Leave a comment

Login

Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via https://michelf.ca/projects/php-markdown/extra/

Sidebar photo of Bruce Schneier by Joe MacInnis.